thomasDOTde
534b9739c2
Merge branch 'hotfix-ldap' of https://github.com/verdel/PowerDNS-Admin into ldapfix-verdel
2018-02-10 13:01:04 +01:00
Vadim Aleksandrov
0436d69ea6
Adding the ability to use 'LDAP_USERNAMEFIELD' and 'LDAP_FILTER' in case of use with Active Directory for authorization
2018-02-09 15:41:19 +03:00
Vadim Aleksandrov
b0caf0ca48
Fix issue with inserting into the database fields 'firstname' and 'lastname' containing non-ascii characters that can be retrieved from LDAP
2018-02-09 15:37:28 +03:00
Vadim Aleksandrov
6f4cc42805
Fix issue with LDAP search filter. It is necessary to bracket the expression with additional filter conditions
2018-02-09 15:32:50 +03:00
thomasDOTde
92d7ca3870
added application certificate handling for signed SAML messages
2018-01-20 17:17:02 +01:00
thomasDOTde
050b822636
cleaup after merged pr
2017-12-05 12:59:08 +01:00
NomenNescio
d5b2dedd7f
small fixes for return url after saml logout
2017-12-05 12:28:54 +01:00
thomasDOTde
85c07210db
fixed name-id formating and name-id
2017-12-05 03:48:18 +01:00
thomasDOTde
e535ce0822
fixed session check
2017-12-05 00:23:10 +01:00
thomasDOTde
60086d5d15
added standard SAML logout method using metadata
2017-12-05 00:14:31 +01:00
thomasDOTde
049a8a4547
optimized domain permission check for normal users
2017-12-04 22:18:28 +01:00
NomenNescio
47cf1aff4a
added configurable logout redirect URL
2017-12-04 14:43:58 +01:00
NomenNescio
620b0b55e8
replaced non-existent method with code that checks whether user has rights on the domain at hand
2017-12-04 14:00:30 +01:00
Radnik
9855bc70dc
Fixed iCheck for multiple pages
2017-11-27 11:02:21 +01:00
thomasDOTde
971d6b2e28
fixed issue when not using LDAP
2017-11-10 12:28:42 +01:00
thomasDOTde
d65efe477a
ensure authentication isn't possible without password
2017-11-06 23:36:11 +01:00
thomasDOTde
5a1a4b0161
Merge remote-tracking branch 'origin/master'
2017-11-03 12:24:54 +01:00
thomasDOTde
54e61bf072
added custom error page for SAML authentication errors
2017-11-03 12:24:25 +01:00
Thomas
4a4b03a7d0
Merge pull request #11 from ssendev/patch-1
...
Allow to change root domain record via dyndns
2017-11-03 00:36:06 +01:00
Thomas
cd6a58446d
Merge pull request #9 from toxicvengeance/master
...
Add CAA record helper implemented by toxicvengeance
2017-11-03 00:32:12 +01:00
thomasDOTde
9e719a3a98
fixed merge
2017-11-03 00:00:04 +01:00
Thomas
2354eb69c3
Merge branch 'master' into ldap_group_security
2017-11-02 23:23:36 +01:00
thomasDOTde
37fee207a5
marked google oauth users as external
2017-11-01 22:30:08 +01:00
Thomas
83a0396350
Merge branch 'master' into feature-google-oauth
2017-11-01 22:18:43 +01:00
Thomas
c7fbc0ecd7
Merge pull request #4 from thomasDOTde/fix-Issue#176
...
Fix for #176
2017-11-01 22:06:42 +01:00
Thomas
e76063dbef
Merge pull request #3 from thomasDOTde/fix-show-srvhelper
...
Corrected SRV record helper not showing
2017-11-01 21:59:48 +01:00
Thomas
ff9a6fcfba
Merge pull request #2 from thomasDOTde/upstream-access-control
...
Add access control for non-admin users from hackedd
2017-11-01 21:47:14 +01:00
Paul Hooijenga
9a4021d5e5
Add access control for non-admin users
...
(cherry picked from commit 6e5b704)
2017-11-01 21:40:15 +01:00
thomasDOTde
12cb6f28fb
implemented dynamic metadata lookup
...
removed saml json-templates
2017-11-01 17:31:51 +01:00
thomasDOTde
cd3b41553d
fixed link for alternative login methods
2017-11-01 13:55:57 +01:00
thomasDOTde
f92661c753
remove unnecessary controls from profile for ext. auth.
2017-11-01 13:40:26 +01:00
thomasDOTde
baa960aad6
raised password length to 30 for external accounts.
...
fixed error_checking for saml-authentication
2017-11-01 13:31:41 +01:00
thomasDOTde
12c957bf5f
disabled profile usage when authenticated externally
2017-11-01 01:34:29 +01:00
thomasDOTde
31eaee8e0b
added saml authentication
2017-10-31 22:38:26 +01:00
thomasDOTde
805439e6ee
updated preapre_flask_request to support frontend-ssl
2017-10-31 20:42:13 +01:00
thomasDOTde
933d678e83
added SAML auth basics and metadata
2017-10-31 19:21:22 +01:00
patito
a4b9722d47
Google OAuth
2017-09-22 15:28:09 +01:00
Nils Sandmann
168f19950d
Corrected SRV record helper not showing
...
Signed-off-by: Nils Sandmann <git@softcat.org>
2017-09-19 12:11:09 +02:00
toxicvengeance
5c5beec2d6
added default values
2017-05-10 23:25:32 +02:00
toxicvengeance
c9bfe00e59
added example caa values
2017-05-10 23:15:01 +02:00
toxicvengeance
300af22859
added caa record helper
2017-05-10 22:33:44 +02:00
Christopher Himmel
85694e4e93
added caa record helper
2017-05-10 22:30:06 +02:00
Znuff
8f31953b6d
Fix for #176
...
Fixes #176 . Tested briefly with my data.
2017-01-13 16:53:11 +02:00
Khanh Ngo
b6ed658cbd
Merge pull request #156 from petersipos/feature/automatic-reverse-domain-creation
...
Feature/automatic reverse domain creation
2016-12-10 12:38:44 +07:00
SIPOS, Peter
72e3a82e9e
Change reverse domain creation order
...
With refactoring the get_reverse_domain_name
function, we change the reverse domain checking to
a reverse order. In this way we check the lowest class
(more specific) reverse zone first. When an existing domain found we use it to create the reverse PTR records. If no one existing can be find, The most specific address will be used.
2016-11-28 08:39:07 +01:00
SIPOS, Peter
e6e3c39778
Add get_reverse_domain_name functionality
...
In this way the reverse it is possible to create
auto-ptr records in higher ip classes (eg. class A in IPv4).
Only works with existing higher class domain.
If is isn't find higher class domain, create a lowest class domain, and add there the reverse PTRs.
Also works with IPv6!
2016-11-21 19:44:10 +01:00
SIPOS, Peter
b9f95da906
Implement of checking existing higher class ip reverse zones
...
iteratively checking of existing domains with higher IP
classes. When this function find an existing higher class
domain return with that reverse address. eg. 192.in-addr.arpa
If it is not find any existing higher class domain it returns with the lowest class domain reverse domain name. eg, 39.168.192.in-addr.arpa
2016-11-21 19:40:43 +01:00
SIPOS, Peter
d7db0d5e7a
Fix create reverse domain function
...
Using of wrong variable
2016-11-21 19:36:43 +01:00
SIPOS, Peter
c53d9ace89
Extend reverse domain regexp with classes
...
With this modification it can be possible, to detect
custom IP classes for domains. It just need to
modify the multipler in regexp {4} or {1}.
In the future it will works automaticly, but not now
2016-11-21 16:55:03 +01:00
SIPOS, Peter
1538cf0239
Limit record selection in reverse lookup domain to PTR
...
And also fix the default type selection of a new record
2016-11-21 15:52:07 +01:00