Details
-
Improvement
-
Resolution: Fixed
-
Blocker
-
4.0.0
-
Security Level: Public
Description
Group support for LDAP authentication
Requirements: https://docs.google.com/document/d/1cFZOz9n6ZKyq_thxCSteuLrZ0rJEh7AMT3MFbOHCchM/edit
Design draft: https://docs.google.com/document/d/1wsjEmke80RW_sbW0ycS8yQl6rq5lzBbRWuelPZ1m9ZI/edit
Attachments
Issue Links
For Gerrit Dashboard: MB-16035 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
97185,21 | MB-16035: LDAP filters parser (RFC4515) | master | ns_server | Status: MERGED | +2 | +1 |
97237,22 | MB-16035: LDAP groups authorization skeleton | master | ns_server | Status: MERGED | +2 | +1 |
97241,23 | MB-16035: Support settings of ldap_group_ref in PUT /groups/<Id> | master | ns_server | Status: MERGED | +2 | +1 |
97244,22 | MB-16035: Add parser for ldap url (RFC 4516) | master | ns_server | Status: MERGED | +2 | +1 |
97245,23 | MB-16035: Support LDAP authz settings in /settings/ldapSettings | master | ns_server | Status: MERGED | +2 | +1 |
97440,18 | MB-16035: Disabled groups and ldap in CE | master | ns_server | Status: MERGED | +2 | +1 |
97441,24 | MB-16035: Rename old ldap_enabled config param to saslauthd_enabled | master | ns_server | Status: MERGED | +2 | +1 |
98288,20 | MB-16035: On-demand validation for LDAP settings | master | ns_server | Status: MERGED | +2 | +1 |
99107,30 | MB-16035: Add cache for ldap_auth module functions | master | ns_server | Status: MERGED | +2 | +1 |
99536,6 | MB-16035: rename ldapEnabled to saslauthdEnabled in UI | master | ns_server | Status: MERGED | +2 | +1 |
99639,7 | MB-16035: Audit ldap settings change | master | ns_server | Status: MERGED | +2 | +1 |
99648,1 | MB-16035: Hibernate ldap cache if ldap is disabled | master | ns_server | Status: ABANDONED | 0 | 0 |
99688,17 | MB-16035: Set timeouts for LDAP requests | master | ns_server | Status: MERGED | +2 | +1 |
99696,19 | MB-16035: Sanitize user input in ldap filter and dn | master | ns_server | Status: MERGED | +2 | +1 |
99927,19 | MB-16035: Add user_dn_mapping parameter | master | ns_server | Status: MERGED | +2 | +1 |
100292,13 | MB-16035: Cache for external users' roles | master | ns_server | Status: MERGED | +2 | +1 |
100473,14 | MB-16035: LDAP attribute names are case insensitive | master | ns_server | Status: MERGED | +2 | +1 |
100475,18 | MB-16035: get_user_props(Id, [groups]) should return all groups ... | master | ns_server | Status: MERGED | +2 | +1 |
100486,19 | MB-16035: Clear roles cache if ldap settings changes | master | ns_server | Status: MERGED | +2 | +1 |
100487,17 | MB-16035: In some cases LDAP queries need to be case sensitive | master | ns_server | Status: MERGED | +2 | +1 |
100537,15 | MB-16035: Renew roles cache when ldap settings change | master | ns_server | Status: MERGED | +2 | +1 |
100586,16 | MB-16035: User without roles is a valid user | master | ns_server | Status: MERGED | +2 | +1 |
100600,15 | MB-16035: Optimizations for GET /users, part 3 | master | ns_server | Status: MERGED | +2 | +1 |
100773,2 | MB-16035: Cache user to DN mapping | master | ns_server | Status: ABANDONED | 0 | 0 |
101202,6 | MB-16035: Nested ldap groups support | master | ns_server | Status: MERGED | +2 | +1 |
101448,6 | MB-16035: Add external_users_enabled config param ... | master | ns_server | Status: ABANDONED | 0 | 0 |
101449,6 | MB-16035: Clean roles cache when external_users_enabled change | master | ns_server | Status: ABANDONED | 0 | 0 |
102352,7 | MB-16035: Add POST /settings/invalidateLDAPCache | master | ns_server | Status: MERGED | +2 | +1 |
103064,5 | MB-16035: Rename ldap ecryption settings and change default | master | ns_server | Status: MERGED | +2 | +1 |
103131,4 | MB-16035: Validate LDAP server certificate | master | ns_server | Status: MERGED | +2 | +1 |
103699,2 | MB-16035: Rename: /settings/ldapSettings -> /settings/ldap | master | ns_server | Status: MERGED | +2 | +1 |
104416,5 | MB-16035: Make sure ldap settings are sanitized | master | ns_server | Status: MERGED | +2 | +1 |
104475,5 | MB-16035: Anon connection for ldap groups retrieval by default | master | ns_server | Status: MERGED | +2 | +1 |
104661,3 | MB-16035: Disable permissions cache for external users | master | cbauth | Status: MERGED | +2 | +1 |
104699,5 | MB-16035: ui: added mnUserRolesList directive | master | ns_server | Status: MERGED | +2 | +1 |
104762,9 | MB-16035: ui: add roles groups list .. | master | ns_server | Status: MERGED | +2 | +1 |
104990,7 | MB-16035: ui: add ldap dialog | master | ns_server | Status: MERGED | +2 | +1 |
107293,3 | MB-16035: fix accordion widget variables | master | ns_server | Status: MERGED | +2 | +1 |
107294,3 | MB-16035: added extra validation for LDAP DN field | master | ns_server | Status: MERGED | +2 | +1 |
107295,3 | MB-16035: correct logic to handle server_cert_validation | master | ns_server | Status: MERGED | +2 | +1 |
107296,5 | MB-16035: fill ldap from using server data | master | ns_server | Status: MERGED | +2 | +1 |
107319,2 | MB-16035: Fix a typo | master | ns_server | Status: MERGED | +2 | +1 |
107460,2 | MB-16035: added clear cache button | master | ns_server | Status: MERGED | +2 | +1 |
107461,3 | MB-16035: remove form errors before submit | master | ns_server | Status: MERGED | +2 | +1 |
107462,3 | MB-16035: pass isAnon as separate argument | master | ns_server | Status: MERGED | +2 | +1 |
107463,3 | MB-16035: return object if there is no DnMapping or groupsQuery | master | ns_server | Status: MERGED | +2 | +1 |
107464,3 | MB-16035: show Authentication error in the right place | master | ns_server | Status: MERGED | +2 | +1 |