Commit graph

16 commits

Author SHA1 Message Date
Douwe Maan
75f5fa997d Enable Rails/Delegate 2017-02-23 09:32:42 -06:00
Drew Blessing
de4eee0894 LDAP attributes needs default values 2017-01-06 00:24:33 -06:00
Drew Blessing
babb7d5260 Gitlab::LDAP::Person uses LDAP attributes configuration
We allow users to configure LDAP attribute preferences. For example,
email can be configured to use `mail`, `email` and `userPrincipalName`,
falling through to the next until a value is found. Prior to this
change, Gitlab::LDAP::Person did not honor this configuration. Now,
the class will honor `name` and `mail` configuration. It does not
handle `username`, or fallback to `first_name` + `last_name` in the
absence of `name`.
2017-01-03 13:26:47 -06:00
Michael Alt
1502fed795 Faulty LDAP DN name escaping removed
The Net::LDAP::Filter.escape function can not be used to escape the DN name because the backslash is required to escape special chars in the DN name. This leads to the error message "Access denied for your LDAP account." and prevents the user from logging in to gitlab.

Example DN: 
CN=Test\, User,OU=Organization,DC=Company
CN=Test User,OU=Organization,DC=Company

http://www.ietf.org/rfc/rfc4514.txt
2015-03-21 22:57:55 +01:00
Douwe Maan
757dca2b78 Escape wildcards when searching LDAP by username. 2015-03-06 13:39:57 +01:00
Jan-Willem van der Meer
18d2ee31e8 Use server specific uid 2014-10-14 10:54:43 +02:00
Jan-Willem van der Meer
410d6e306b Remove unused method 2014-10-14 08:54:15 +02:00
Jan-Willem van der Meer
01b791237c Refactor lib files for multiple LDAP groups 2014-10-13 17:24:05 +02:00
Jan-Willem van der Meer
c0323b40ee Refactor: beter naming for active directory disabled users 2014-09-01 16:35:18 +02:00
Jacob Vosmaer
be1120e968 Improve ad_disabled method name 2014-05-14 19:13:06 +02:00
Jacob Vosmaer
a966f72224 Document the Active Directory magic numbers 2014-05-14 19:08:42 +02:00
Jacob Vosmaer
11dba4cee7 Fix syntax error in AD disabled user filter 2014-05-14 18:54:05 +02:00
Jacob Vosmaer
a754f0b220 Add LDAP::Person#ad_disabled?
Check the bit for disabled Active Directory users. The filter is based
on http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/ .
2014-05-14 18:26:58 +02:00
Jacob Vosmaer
5a616649b5 Allow passing an adapter to Gitlab::LDAP::Person 2014-03-14 08:52:57 +01:00
Dmitriy Zaporozhets
0fdab6a747
Remove copyright
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 17:09:45 +02:00
Dmitriy Zaporozhets
daa7f077db
Port LDAP code from EE
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 14:48:08 +02:00