apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-04 00:02:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,914 Commits 308 Branches 324 Tags
Commit Graph

147 Commits

Author SHA1 Message Date
Rajani Karuturi
d969364daf Fixed coverity issue 
CID 11461 (#1 of 1): DLS: Dead local store (FB.DLS_DEAD_LOCAL_STORE)
 2014-11-06 09:38:22 +05:30
Rohit Yadav
cd52bed477 saml: Use camelCase api names for SAML login/logout apis 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 85c0bd68ae8a76c231ab402dd0311e3672155f71)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-10-31 00:32:29 +05:30
Rohit Yadav
fecc6b6e48 SAML2LoginAPIAuthenticatorCmd: Don't support HTTP artifact binding 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:47:40 +02:00
Rohit Yadav
394e6130e0 SAML2LoginAPIAuthenticatorCmd: add signature on redirect url 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:31:16 +02:00
Rohit Yadav
67f97df00f GetServiceProviderMetaDataCmd: in metadata use SP's own X509 certs 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:30:52 +02:00
Rohit Yadav
5e947e2b24 SAML2AuthManagerImpl: create or load keystore dao 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:28:02 +02:00
Rohit Yadav
aaa4b60b23 SAML2AuthManager: add new methods to the interface 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 16:27:11 +02:00
Rohit Yadav
f144081958 saml2: WIP X509 certificate auth stuff 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f7d409e0f4d2b6f56ec82ae339eff5f477e4a832)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 14:31:21 +02:00
Rohit Yadav
aeec24b2ca SAMLMetaDataResponse: this should extend AuthenticationCmdResponse 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-12 13:58:39 +02:00
Rohit Yadav
8929d74519 SAML2UserAuthenticatorTest: Fix test, make sure encoded password length > 0 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-09-10 14:24:03 +02:00
Hugo Trippaers
dc3f0cbc63 Improve the handling of the findbug exclude files 2014-09-03 10:41:22 +02:00
Rohit Yadav
33a249e77a CLOUDSTACK-7455: Fix possible case for NPE 
NPE can happen if Spring fails to inject api authenticator, so better check
and set list of commands if the authenticator is not null or returning null cmds

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-31 14:42:18 +02:00
Rohit Yadav
550762a0dc SAMLUtils: fix signature, refactor generateRandomX509Certificate 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-30 21:37:55 +02:00
Rohit Yadav
784288eaab SAML2AuthManagerImpl: let the component return true on start 
- Return super.true() even if plugin is not enabled
- Return empty list when getCommands is called

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-30 14:32:54 +02:00
Rohit Yadav
81608afee1 SAML2LoginAPIAuthenticatorCmdTest: Add missing license 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 20:06:38 +02:00
Rohit Yadav
6eae9b8596 saml: disable plugin by default and don't initiate if not enabled 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:49:48 +02:00
Rohit Yadav
aa02e30e95 saml: fix tests and update method signature that generates random certs 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:27 +02:00
Rohit Yadav
0402f68b12 SAML2LogoutAPIAuthenticatorCmd: if session is null, redirect to login page 
If session is null, probably logout (local) happened removing the name id and
session index which is needed for global logout. The limitation by design is that
local logout will void possibility of global logout. To globally logout, one
use the SLO api which would logout locally as well.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
de4e74b2b4 saml: Add unit tests for saml plugin 
- Fixes signatures on plugin manager for ease of testing
- Fixes authenticator
- Adds unit testing for getType and authenticate methods for all cmd classes
- Adds SAMLAuthenticator test

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
15fdc1744c SAML2LogoutAPIAuthenticatorCmd: check logout response and redirect to UI 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
8dc50927f9 saml: use SAML_RESPONSE from SAMLUtils 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
ad13d3d747 SAML2UserAuthenticator: check that request params has SAMLResponse 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:26 +02:00
Rohit Yadav
7ee4176c7a SAML2LogoutAPIAuthenticatorCmd: implement single log out 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
b1946e8c13 SAML2LoginAPIAuthenticatorCmd: store nameid and session index in user's session 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
b401828aef saml: use values from config for user account, domain and redirected url 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:25 +02:00
Rohit Yadav
a13da8f9e0 saml2: Add GetServiceProviderMetaDataCmd that returns SP metadata XML 
This adds GetServiceProviderMetaDataCmd which returns SP metadata XML, since
this information should be public for IdPs to discover, we implement this as a
login/cmd api so this does not require any kind of authentication to GET this

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
7687b7311a saml: Implement logic to check response against X509 keys 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
47ccce85a1 api: add method to pass on api authenticators to cmd classes 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
06e909923a saml: Have the plugin use IDP metadata from URL, get values from Config 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:24 +02:00
Rohit Yadav
37961ebdd8 saml: Implement SAML2AuthManager interface 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
d45b303569 saml2: Fix plugin after refactoring 
- Use opensaml version from root pom
- Add utils and api as explicit dependency
- Add org.apache.cloudstack.saml.SAML2AuthServiceImpl bean
- Fix imports in all source files and resource xmls
- Use methods available from SAMLUtils to encode/decode SAML request/response
- SAML logout api is not the global logout api

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
4422fdd9ad saml2: Implement SAML2AuthServiceImpl which is a PluggableAPIAuthenticator 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:23 +02:00
Rohit Yadav
68e094ebaf saml: move refactor files from server to api module 
- Move interfaces and classes from server to api module
- This can be then used for pluggable api authenticators

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-28 19:45:22 +02:00
Rajani Karuturi
14f3ad55ec Fixed CLOUDSTACK-7374: added PaginationControl while querying ldap users 2014-08-20 15:58:08 +05:30
Rohit Yadav
6a8f8317fd CLOUDSTACK-7361: Fix SAML2UserAuthenticator to not let every login credential 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-18 11:41:32 +02:00
Rohit Yadav
a6a63dd2d3 saml2: add opensaml as dependency 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-12 12:01:29 +02:00
Rohit Yadav
c35f704f21 saml2: add spring security saml2 extension 1.0.0.RELEASE 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-12 12:01:29 +02:00
Rohit Yadav
c4f200265b CLOUDSTACK-7083: Add SAML2 SSO plugin skeleton and stub 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-08-12 12:01:28 +02:00
Rajani Karuturi
736ff5f8e5 Fixed CLOUDSTACK-7303 [LDAP] while importing ldap users, update the user info if it already exists in cloudstack 2014-08-11 17:54:31 +05:30
Rajani Karuturi
fca41bf527 Fixed bug: CLOUDSTACK-7214 added a config for ldap connection read timeout. 2014-08-01 16:32:45 +05:30
Rajani Karuturi
f7c664fc2e Revert "Fixed bug: CLOUDSTACK-7214 added a config for ldap connection read timeout." 
This reverts commit cd2f27a6628472b1c0a6289989dc802f534ec74e.

reverting it as it breaks the build when encryption is enabled.
 2014-08-01 11:20:20 +05:30
Rajani Karuturi
cd2f27a662 Fixed bug: CLOUDSTACK-7214 added a config for ldap connection read timeout. 2014-07-31 17:33:18 +05:30
Rajani Karuturi
5fa2d1c7ca Fixed Bug: CLOUDSTACK-7200 [LDAP] importUsersCmd for a group fails incase any member of a group is not an user 2014-07-30 12:02:24 +05:30
Santhosh Edukulla
97d296bfbd Fixed Coverity reported performance issues like inefficient string concatenations, wrong boxing or unboxing types, inefficent map element retrievals 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-07-01 22:06:25 +02:00
Rajani Karuturi
f4779b4d0c Fixed CLOUDSTACK-6509 Cannot import multiple LDAP/AD users into a cloudstack account 
Conflicts:
	api/src/com/cloud/user/AccountService.java
	plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LdapCreateAccountCmd.java
	plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LdapImportUsersCmd.java

Signed-off-by: Koushik Das <koushik@apache.org>
 2014-04-29 14:49:06 +05:30
Rajani Karuturi
baadf930fb checkstyle fix for commit 8e2e8e5e8ab492fa40dedc0788c0ac61f912487b 
improved ldap logging. added stacktrace in debug level incase of exceptions.

Signed-off-by: Abhinandan Prateek <aprateek@apache.org>
 2014-04-24 17:30:12 +05:30
Rajani Karuturi
a92610d277 improved ldap logging. added stacktrace in debug level incase of exceptions. 
Conflicts:
	plugins/user-authenticators/ldap/src/org/apache/cloudstack/ldap/LdapContextFactory.java

Signed-off-by: Abhinandan Prateek <aprateek@apache.org>
 2014-04-24 16:47:52 +05:30
Devdeep Singh
b54ae73917 Fixing rat failure 2014-04-21 14:32:00 +05:30
Laszlo Hornyak
54cfc2c2b1 md5 authenticator test 
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
 2014-04-21 10:25:16 +02:00
Daan Hoogland
8b62b2cb92 findbugs: exclude known spiffy hacks a.k.a. false positives 2014-03-28 14:28:10 +01:00