apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
36,485 Commits 304 Branches 324 Tags
Commit Graph

149 Commits

Author SHA1 Message Date
Vishesh
399bd0a067
Upgrade to mockito 4 and handle Mockito deprecations (#8427) 2024-02-06 14:20:37 +01:00
Abhishek Kumar
7dffbc6e47 Updating pom.xml version numbers for release 4.20.0.0-SNAPSHOT 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2024-02-02 18:16:37 +05:30
Abhishek Kumar
a7b97ff3b0 Updating pom.xml version numbers for release 4.19.1.0-SNAPSHOT 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2024-02-02 18:06:04 +05:30
Abhishek Kumar
2746225b99 Updating pom.xml version numbers for release 4.19.0.0 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2024-01-29 10:21:52 +05:30
Abhishek Kumar
82a6a1f6c4 Merge remote-tracking branch 'apache/4.18' into main 2023-04-04 16:10:12 +05:30
Marcus Sorensen
5d5fa04c8b
saml: Add EncryptedElementType key resolver to SAML plugin (#7268) 
There are multiple ways in which a SAML response can be formatted, especially when encryption is enabled. This PR removes the hardcoding of EncryptedKeyResolver= InlineEncryptedKeyResolver in favor of using a ChainingEncryptedKeyResolver which will try multiple resolvers. It preserves the InlineEncryptedKeyResolver as the first option but adds EncryptedElementTypeEncryptedKeyResolver to the chain of resolvers to try.

ChainingEncryptedKeyResolver is a bit finicky in that you can't provide it a list of resolvers, you can only fetch its internal list and add to it.

Theoretically we could add all of the resolver types to the chain, but for now just preserving the ones known to be in use.

Co-authored-by: Marcus Sorensen <mls@apple.com>
 2023-04-03 15:16:03 +05:30
John Bampton
c2e17310d6
Add three more pre-commit checks (#7083) 
Co-authored-by: dahn <daan@onecht.net>
 2023-03-27 13:28:55 +02:00
Daan Hoogland
fb4f6a334d Updating pom.xml version numbers for release 4.19.0.0-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2023-03-15 19:46:01 +01:00
Daan Hoogland
05cda2729f Updating pom.xml version numbers for release 4.18.1.0-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2023-03-15 19:38:14 +01:00
Daan Hoogland
0574087284 Updating pom.xml version numbers for release 4.18.0.0 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2023-03-11 09:35:41 +01:00
Harikrishna
a3feccf70c
User two factor authentication (#6924) 
Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2023-02-13 09:14:17 +01:00
Suresh Kumar Anaparti
d8c7e34b38
Improve global settings UI to be more intuitive/logical (#5797) 
Co-authored-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com>
Co-authored-by: nvazquez <nicovazquez90@gmail.com>
Co-authored-by: davidjumani <dj.davidjumani1994@gmail.com>
Co-authored-by: dahn <daan.hoogland@gmail.com>
Co-authored-by: dahn <daan@onecht.net>
 2023-01-31 11:23:43 +01:00
Eduardo Zanetta
a9b49f3ae9
Cleanup APIs getCommandName (#7022) 
Co-authored-by: Eduardo Zanetta <eduardo.zanetta@scclouds.com.br>
 2023-01-03 12:11:52 +01:00
John Bampton
f9347ecf2c
Fix spelling (#6597) 2022-08-03 15:43:47 +05:30
Rohit Yadav
5f04018bf0 Merge remote-tracking branch 'origin/4.17' 2022-07-27 12:41:31 +02:00
Rohit Yadav
441edf3ca7
utils: use safer parsing utility across codebase (#6562) 
This addresses SonarQube/SonarCloud quality checks to use safer xml
parser to resist potential XXE attacks.

https://sonarcloud.io/organizations/apache/rules?open=java%3AS2755&rule_key=java%3AS2755

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2022-07-27 14:31:51 +05:30
Rohit Yadav
4baaf736b9 Merge remote-tracking branch 'origin/4.17' 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2022-07-18 19:42:44 +05:30
Rohit Yadav
7a3e97d67e Tagging release 4.17.0.1 on branch b30a4a99d1b530efbf652373eda229f2cd5133b1. 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEXtHhEi3F6KSkURLCSEJIIQ7j2IQFAmLRYi0ACgkQSEJIIQ7j
 2ISTWxAAlozJuDMoRnr4D1TDbNCr2hzWSgVn5AK+IZGwnd22OnaZnS7tVQUheTCq
 t9aQgRLb7oUGAzNngHEjDaQBnxlHdLHMKby+QGe+RjX/d9urFoEyHe2xyvCJPkwM
 hFM1uesMqtH/HKwhIL3l8fATGPHlucdhQEZ+XA4bu91IVzxog0gikSnm7SjbaljF
 yYNkn9CgOWtZYFek7lcOM7iuKB79QSdpYxN8PYLpE7esyQSu4KjU4Ekufv1u6Tql
 ILsY5PA5tzzxS7ArfW5PICgSxkXOUIkflBbPHObGgduKw9Q36bmnRM/701lNb2re
 EWE4NMlM2PDn8kKZ2zULD2VBIq5tVdJuZjXbjDyD17z/KiU9pd6hGeHABSitnpDW
 vAS6rLJVY3YT9eqoVDVhpkpFQZmvdfDC8L4nYU2E7dCHj4lF9FlsgYO08SCfSgvP
 InAnfg1jZvbhA9EDL+LiuhxCStn6ZpjRuRCC89hYfRfRM1ZdrT2FazDj8KwPuC0P
 xfEr8eTnMm7xM+B9JCBQ2Lskl3jxQk3KAYQX13LtZCUj05Y1f3crx/iq6t0qIrAH
 PU9keojKMZffLz5MBlFU8qor32stw+uNMky8dZgtDIx6kRjnuYuPYOxpcPDzl+Cs
 KBRcwpIP+GR9mePU8PKBNDClLA45vDE1XqeK6KnOOf7MBSprU5o=
 =ETOD
 -----END PGP SIGNATURE-----

Merge tag '4.17.0.1' into 4.17

Tagging release 4.17.0.1 on branch b30a4a99d1b530efbf652373eda229f2cd5133b1.
 2022-07-18 19:40:53 +05:30
Rohit Yadav
1c7efcbd0d Updating pom.xml version numbers for release 4.17.0.1 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2022-07-15 18:18:40 +05:30
Rohit Yadav
f27de63644 saml: Safer DocumentBuilderFactory and ParserPool configuration 
This implements safer DocumentBuilderFactory and ParserPool utilities
to be used throughout the codebase to prevent potential XXE exploits.

References:
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
https://www.blackhat.com/docs/us-15/materials/us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 8e0e68ef368ebe2793ef80e2c3821eaecb47b593)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2022-07-14 17:31:12 +05:30
Rohit Yadav
e57a0f9980 Merge remote-tracking branch 'origin/4.17' 2022-07-06 09:34:02 +05:30
Luis Moreira
c6b611433b
saml: Fix SAML SSO plugin redirect URL (#6457) 
This PR fixes the issue #6427 -> SAML request must be appended to an IdP URL as a query param with an ampersand, if the URL already contains a question mark, as opposed to always assume that IdP URLs don't have any query params.
Google's IdP URL for instance looks like this: https://accounts.google.com/o/saml2/idp?idpid=<ID>, therefore the expected redirect URL would be https://accounts.google.com/o/saml2/idp?idpid=<ID>&SAMLRequest=<SAMLRequest>

This code change is backwards compatible with the current behaviour.
 2022-07-06 09:28:37 +05:30
nvazquez
0bcc609f05
Updating pom.xml version numbers for release 4.18.0.0-SNAPSHOT 
Signed-off-by: nvazquez <nicovazquez90@gmail.com>
 2022-06-06 12:25:35 -03:00
nvazquez
038a669d6b
Updating pom.xml version numbers for release 4.17.1.0-SNAPSHOT 
Signed-off-by: nvazquez <nicovazquez90@gmail.com>
 2022-06-06 12:19:44 -03:00
nvazquez
c56220fcf2
Updating pom.xml version numbers for release 4.17.0.0 
Signed-off-by: nvazquez <nicovazquez90@gmail.com>
 2022-05-31 14:33:47 -03:00
dahn
c123c3fd2f
remove request listener to prevent untimely session invalidation (#6393) 
* login/-out constants

* no request listener

* store session as value, using id as key

* Apply suggestions from sonarcloud.io code review

three instances of unsafe parameters to logging

* new sonar issues

* sonar issues
 2022-05-24 10:00:06 -03:00
Abhishek Kumar
523805c8bc
schema,server,api: events improvement (#5997) 
* schema,server,api: events improvement

Add resource ID and resource type to event.

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* wip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* refactor resourcetype association with API class

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add resource anme to the response

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* more tests

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* new line

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add resource test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* smoke test for events resource

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui improvements

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* refactor

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* api,ui: add support for listing events for a resource

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* since key

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* tests and permission changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* missing test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* events for domain

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* improvements

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add missing license

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: fix js console errors

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* sort enumeration

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix event resource for vpc

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* feedback changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix order

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* events with parent resource

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* missing UI labels

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* donot call cmd resource methods before dispatch

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add restore vm to procedure

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add missing imports

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* resource details for more events

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add test for changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* more test, license fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* wrong merge fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix for more event types

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2022-04-25 09:05:17 -03:00
Leo
70122007bb
Updated SAML2 auth sessionkey cookie path (#6149) 
This change will set the sessionkey under the /client/api path. This commit should prevent duplicate sessionkey cookies from being set on both /client (incorrect) and /client/api (correct). Prior to this commit, the /client version was being set while the /client/api version remained unchanged with an invalid sessionkey. As a result, subsequent requests after the SAML2 authentication would immediately fail with an invalid session and results in the user being logged out.

The sessionkey is now set explicitly for the /client/api path which should fix this issue, regardless of the SSO URL and path that's being used.
 2022-04-18 17:16:20 +05:30
nvazquez
1c238e101d
Merge branch '4.16' 2022-03-30 00:00:34 -03:00
Wei Zhou
ee27708ffb
SAML: replace first number with random alphabet if request ID starts with a number (#6165) 2022-03-29 23:59:44 -03:00
JoaoJandre
5f07ddaca9
Refactor account type (#6048) 
* Refactor account type

* Added license.

* Address reviews

* Address review.

Co-authored-by: João Paraquetti <joao@scclouds.com.br>
Co-authored-by: Joao <JoaoJandre@gitlab.com>
 2022-03-09 11:14:19 -03:00
Suresh Kumar Anaparti
bc70535ee5
Updating pom.xml version numbers for release 4.16.2.0-SNAPSHOT 
Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com>
 2022-03-03 18:15:33 +05:30
Suresh Kumar Anaparti
cad9332082
Updating pom.xml version numbers for release 4.16.1.0 
Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com>
 2022-02-25 19:01:16 +05:30
Daniel Augusto Veronezi Salvador
b4aabadc4d
Replace string libraries with org.apache.commons.lang3.StringUtils (#5386) 
* Replace google lib for lang3 and adjust methods calls

* Replace string libs by lang3

* Prohibit others string libs

Co-authored-by: GutoVeronezi <daniel@scclouds.com.br>
 2021-11-18 13:41:48 +05:30
nicolas
3f79436840
Updating pom.xml version numbers for release 4.17.0.0-SNAPSHOT 
Signed-off-by: nicolas <nicovazquez90@gmail.com>
 2021-11-09 22:55:52 -03:00
nicolas
93c3c3b9ac
Updating pom.xml version numbers for release 4.16.1.0-SNAPSHOT 
Signed-off-by: nicolas <nicovazquez90@gmail.com>
 2021-11-09 22:50:22 -03:00
nicolas
44c08b5acc
Updating pom.xml version numbers for release 4.16.0.0 
Signed-off-by: nicolas <nicovazquez90@gmail.com>
 2021-11-04 14:14:57 -03:00
Daan Hoogland
e26202f23e Updating pom.xml version numbers for release 4.16.0.0-SNAPSHOT 
Signed-off-by: Daan Hoogland <dahn@onecht.net>
 2021-01-04 11:32:10 +00:00
Daan Hoogland
01b3e361c7 Updating pom.xml version numbers for release 4.15.0.0 
Signed-off-by: Daan Hoogland <dahn@onecht.net>
 2020-12-23 16:32:25 +00:00
Pearl Dsilva
fb78fb24c7
fix login issue post upgrade (#4465) 
Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com>
 2020-11-12 13:09:25 +00:00
Rohit Yadav
dfc76e0278 Merge remote-tracking branch 'origin/4.14' 2020-07-08 11:37:14 +05:30
Rohit Yadav
ba767783bd Merge remote-tracking branch 'origin/4.13' into 4.14 2020-07-08 11:36:30 +05:30
Rohit Yadav
139aa13e6a
server: Purge all cookies on logout, set /client path on login (#4176) 
This will purge all the cookies on logout including multiple sessionkey
cookies if passed. On login, this will restrict sessionkey cookie
(httponly) to the / path.

Fixes #4136

Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com>
 2020-07-08 08:03:51 +05:30
andrijapanicsb
5f926c3353 Updating pom.xml version numbers for release 4.15.0.0-SNAPSHOT 
Signed-off-by: andrijapanicsb <andrija.panic@shapeblue.com>
 2020-05-23 10:18:39 +01:00
andrijapanicsb
05e9b11694 Updating pom.xml version numbers for release 4.14.1.0-SNAPSHOT 
Signed-off-by: andrijapanicsb <andrija.panic@shapeblue.com>
 2020-05-23 09:59:32 +01:00
andrijapanicsb
6f96b3b2b3 Updating pom.xml version numbers for release 4.14.0.0 
Signed-off-by: andrijapanicsb <andrija.panic@shapeblue.com>
 2020-05-11 15:03:14 +01:00
andrijapanicsb
398e685e01 Updating pom.xml version numbers for release 4.13.2.0-SNAPSHOT 
Signed-off-by: andrijapanicsb <andrija.panic@shapeblue.com>
 2020-04-29 12:29:12 +01:00
andrijapanicsb
b2ffa3efa5 Updating pom.xml version numbers for release 4.13.1.0 
Signed-off-by: andrijapanicsb <andrija.panic@shapeblue.com>
 2020-04-23 19:17:09 +01:00
Rohit Yadav
d90341ebf1
cloudstack: add JDK11 support (#3601) 
This adds support for JDK11 in CloudStack 4.14+:

- Fixes code to build against JDK11
- Bump to Debian 9 systemvmtemplate with openjdk-11
- Fix Travis to run smoketests against openjdk-11
- Use maven provided jdk11 compatible mysql-connector-java
- Remove old agent init.d scripts

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2020-02-12 12:58:25 +05:30
Paul Angus
50fc045f36 Updating pom.xml version numbers for release 4.14.0.0-SNAPSHOT 
Signed-off-by: Paul Angus <paul.angus@shapeblue.com>
 2019-09-07 09:57:46 +01:00