apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-02 20:02:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,223 Commits 307 Branches 324 Tags
Commit Graph

2357 Commits

Author SHA1 Message Date
Rohit Yadav
fecc6b6e48 SAML2LoginAPIAuthenticatorCmd: Don't support HTTP artifact binding 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:47:40 +02:00
Rohit Yadav
394e6130e0 SAML2LoginAPIAuthenticatorCmd: add signature on redirect url 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:31:16 +02:00
Rohit Yadav
67f97df00f GetServiceProviderMetaDataCmd: in metadata use SP's own X509 certs 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:30:52 +02:00
Rohit Yadav
5e947e2b24 SAML2AuthManagerImpl: create or load keystore dao 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:28:02 +02:00
Rohit Yadav
aaa4b60b23 SAML2AuthManager: add new methods to the interface 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:27:11 +02:00
Rohit Yadav
f144081958 saml2: WIP X509 certificate auth stuff 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f7d409e0f4d2b6f56ec82ae339eff5f477e4a832)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 14:31:21 +02:00
Rohit Yadav
aeec24b2ca SAMLMetaDataResponse: this should extend AuthenticationCmdResponse 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 13:58:39 +02:00
Kishan Kavala
4f3de024de Add script to ensure cgroups are not co-mounted in rhel7/lxc. If required, script will unmount co-mounted cgroups and remount them seperately 2014-09-11 14:34:40 +05:30
Nitin Mehta
f3b5a6ebc7 CLOUDSTACK-7533: Wrong download URL is generated when using multiple SSVMs in a zone. The public ip of the url would sometime point to the wrong ssvm when the url was created on another one. 
Fix the bug by removing the command CreateEntityDownloadURLCommand from the host delegation. This results in same ssvm for creating the symlink on ssvm and same public ip being used for generating the url on MS.
 2014-09-10 17:46:33 -07:00
Frank Zhang
e06fa18ed2 CLOUDSTACK-6278 
Baremetal Advanced Networking support
 2014-09-10 14:43:41 -07:00
Rohit Yadav
8929d74519 SAML2UserAuthenticatorTest: Fix test, make sure encoded password length > 0 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-10 14:24:03 +02:00
Anshul Gangwar
a400eecf6c CLOUDSTACK-7503: Fixed few coverity issues 2014-09-10 11:33:01 +05:30
Anthony Xu
63ea596ba2 removed unused class 
engine/schema/src/com/cloud/upgrade/PremiumDatabaseUpgradeChecker.java
 2014-09-09 18:31:13 -07:00
Anthony Xu
fcf2c1b6bc CLOUDSTACK-7505: 
if VM is created from ISO, don't change platform metadat for VM on XS
 2014-09-09 14:02:37 -07:00
Frank.Zhang
10544e287b CLOUDSTACK-6278 
Baremetal Advanced Networking support
 2014-09-05 16:28:34 -07:00
Frank.Zhang
c301bd1c94 CLOUDSTACK-6278 
Baremetal Advanced Networking support
 2014-09-05 16:28:33 -07:00
Kishan Kavala
41fdc418ff CLOUDSTACK-7472: Disable kvmclock for LXC 2014-09-05 19:38:55 +05:30
Kishan Kavala
6f7c4863a2 CLOUDSTACK-7473: Vm migration is not supported for LXC. When host is put in maintenance mode, stop the Vms instead of migrating 2014-09-04 20:59:19 +05:30
Rajani Karuturi
17164c3c83 Fixed CLOUDSTACK-6942: LXC: optimize template copy to primary 
saving LXC template as tar to primary and extracting it only when
required.
This would improve the template copy time.

Reviewed By: Kishan Kavala
 2014-09-04 14:56:29 +05:30
Fred Clift
355eb72c7d make virtual router /latest/.htaccess file be static - no longer dynamically generate it, remove code that managed the file previously 
Signed-off-by: Sebastien Goasguen <runseb@gmail.com>
 2014-09-04 04:22:27 -04:00
Mike Tutkowski
1d2f3300ad Adding support for SolidFire snapshots 2014-09-03 20:09:00 -06:00
Anthony Xu
5811ebeee7 if VM scale is disable, don't set any scale option for VM 2014-09-03 14:40:00 -07:00
Hugo Trippaers
dc3f0cbc63 Improve the handling of the findbug exclude files 2014-09-03 10:41:22 +02:00
Rohit Yadav
33a249e77a CLOUDSTACK-7455: Fix possible case for NPE 
NPE can happen if Spring fails to inject api authenticator, so better check
and set list of commands if the authenticator is not null or returning null cmds

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-31 14:42:18 +02:00
Rohit Yadav
550762a0dc SAMLUtils: fix signature, refactor generateRandomX509Certificate 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-30 21:37:55 +02:00
Rohit Yadav
784288eaab SAML2AuthManagerImpl: let the component return true on start 
- Return super.true() even if plugin is not enabled
- Return empty list when getCommands is called

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-30 14:32:54 +02:00
Rohit Yadav
2bff5956a9 cisco-vnmc: Don't create Protocol using deprecated SecureProtocolSocketFactory 
Latest httpclient library suggests when creating Protocol object for use
with the apache common httpclient class, they should avoid using the
deprecated Protocol signature which takes in SecureProtocolSocketFactory

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-29 14:39:29 +02:00
Mike Tutkowski
ef0adc1238 Removed an un-used import 2014-08-29 00:23:48 -06:00
Mike Tutkowski
08995b68e6 Name the SolidFire Volume Access Group after the UUID of the CloudStack cluster it serves 2014-08-28 23:57:52 -06:00
Mike Tutkowski
0e79cd1172 Minor changes to SolidFire automation-related code 2014-08-28 23:14:42 -06:00
amoghvk
b693e61fe6 Temp fix for compilation issue, need to check what caused it 2014-08-28 17:47:08 -07:00
Rohit Yadav
81608afee1 SAML2LoginAPIAuthenticatorCmdTest: Add missing license 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 20:06:38 +02:00
Rohit Yadav
6eae9b8596 saml: disable plugin by default and don't initiate if not enabled 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:49:48 +02:00
Rohit Yadav
aa02e30e95 saml: fix tests and update method signature that generates random certs 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:27 +02:00
Rohit Yadav
0402f68b12 SAML2LogoutAPIAuthenticatorCmd: if session is null, redirect to login page 
If session is null, probably logout (local) happened removing the name id and
session index which is needed for global logout. The limitation by design is that
local logout will void possibility of global logout. To globally logout, one
use the SLO api which would logout locally as well.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
de4e74b2b4 saml: Add unit tests for saml plugin 
- Fixes signatures on plugin manager for ease of testing
- Fixes authenticator
- Adds unit testing for getType and authenticate methods for all cmd classes
- Adds SAMLAuthenticator test

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
15fdc1744c SAML2LogoutAPIAuthenticatorCmd: check logout response and redirect to UI 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
8dc50927f9 saml: use SAML_RESPONSE from SAMLUtils 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
ad13d3d747 SAML2UserAuthenticator: check that request params has SAMLResponse 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
7ee4176c7a SAML2LogoutAPIAuthenticatorCmd: implement single log out 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
b1946e8c13 SAML2LoginAPIAuthenticatorCmd: store nameid and session index in user's session 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
b401828aef saml: use values from config for user account, domain and redirected url 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
a13da8f9e0 saml2: Add GetServiceProviderMetaDataCmd that returns SP metadata XML 
This adds GetServiceProviderMetaDataCmd which returns SP metadata XML, since
this information should be public for IdPs to discover, we implement this as a
login/cmd api so this does not require any kind of authentication to GET this

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
7687b7311a saml: Implement logic to check response against X509 keys 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
47ccce85a1 api: add method to pass on api authenticators to cmd classes 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
06e909923a saml: Have the plugin use IDP metadata from URL, get values from Config 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
37961ebdd8 saml: Implement SAML2AuthManager interface 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
d45b303569 saml2: Fix plugin after refactoring 
- Use opensaml version from root pom
- Add utils and api as explicit dependency
- Add org.apache.cloudstack.saml.SAML2AuthServiceImpl bean
- Fix imports in all source files and resource xmls
- Use methods available from SAMLUtils to encode/decode SAML request/response
- SAML logout api is not the global logout api

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
4422fdd9ad saml2: Implement SAML2AuthServiceImpl which is a PluggableAPIAuthenticator 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
68e094ebaf saml: move refactor files from server to api module 
- Move interfaces and classes from server to api module
- This can be then used for pluggable api authenticators

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:22 +02:00