Michael Kozono
42bc6caee0
Trim extraneous spaces from DNs
2017-10-07 10:28:12 -07:00
Tiago Botelho
011c168bff
Refactors SAML identity creation in gl_user.
2017-10-02 11:35:09 +01:00
Tiago Botelho
cd85a558dc
Creates compound query for LDAP email attributes.
2017-09-25 16:14:22 +01:00
Tiago Botelho
718e5b0865
Attempt to link saml users to ldap by email
2017-09-25 09:44:31 +01:00
Douwe Maan
c1cf5f4101
Support simple string LDAP attribute specifications, and search for name rather than username attributes
2017-08-23 22:06:22 +02:00
Robert Speicher
260c8da060
Whitelist or fix additional `Gitlab/PublicSend` cop violations
...
An upcoming update to rubocop-gitlab-security added additional
violations.
2017-08-14 12:14:11 -04:00
Douwe Maan
75f5fa997d
Enable Rails/Delegate
2017-02-23 09:32:42 -06:00
Drew Blessing
de4eee0894
LDAP attributes needs default values
2017-01-06 00:24:33 -06:00
Drew Blessing
babb7d5260
Gitlab::LDAP::Person uses LDAP attributes configuration
...
We allow users to configure LDAP attribute preferences. For example,
email can be configured to use `mail`, `email` and `userPrincipalName`,
falling through to the next until a value is found. Prior to this
change, Gitlab::LDAP::Person did not honor this configuration. Now,
the class will honor `name` and `mail` configuration. It does not
handle `username`, or fallback to `first_name` + `last_name` in the
absence of `name`.
2017-01-03 13:26:47 -06:00
Michael Alt
1502fed795
Faulty LDAP DN name escaping removed
...
The Net::LDAP::Filter.escape function can not be used to escape the DN name because the backslash is required to escape special chars in the DN name. This leads to the error message "Access denied for your LDAP account." and prevents the user from logging in to gitlab.
Example DN:
CN=Test\, User,OU=Organization,DC=Company
CN=Test User,OU=Organization,DC=Company
http://www.ietf.org/rfc/rfc4514.txt
2015-03-21 22:57:55 +01:00
Douwe Maan
757dca2b78
Escape wildcards when searching LDAP by username.
2015-03-06 13:39:57 +01:00
Jan-Willem van der Meer
18d2ee31e8
Use server specific uid
2014-10-14 10:54:43 +02:00
Jan-Willem van der Meer
410d6e306b
Remove unused method
2014-10-14 08:54:15 +02:00
Jan-Willem van der Meer
01b791237c
Refactor lib files for multiple LDAP groups
2014-10-13 17:24:05 +02:00
Jan-Willem van der Meer
c0323b40ee
Refactor: beter naming for active directory disabled users
2014-09-01 16:35:18 +02:00
Jacob Vosmaer
be1120e968
Improve ad_disabled method name
2014-05-14 19:13:06 +02:00
Jacob Vosmaer
a966f72224
Document the Active Directory magic numbers
2014-05-14 19:08:42 +02:00
Jacob Vosmaer
11dba4cee7
Fix syntax error in AD disabled user filter
2014-05-14 18:54:05 +02:00
Jacob Vosmaer
a754f0b220
Add LDAP::Person#ad_disabled?
...
Check the bit for disabled Active Directory users. The filter is based
on http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/ .
2014-05-14 18:26:58 +02:00
Jacob Vosmaer
5a616649b5
Allow passing an adapter to Gitlab::LDAP::Person
2014-03-14 08:52:57 +01:00
Dmitriy Zaporozhets
0fdab6a747
Remove copyright
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 17:09:45 +02:00
Dmitriy Zaporozhets
daa7f077db
Port LDAP code from EE
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-10 14:48:08 +02:00