Feature #145

Provide an internal authorization mechanism

Added by Paul Kelly about 2 years ago. Updated over 1 year ago.

Status:Closed Start:12/31/2009
Priority:Normal Due date:
Assigned to:Paul Kelly % Done:

100%
Category:Authentication
Target version:0.1-6
Backlog: Difficulity:
Votes: 0

Description

Before DHCP and DNS management is enabled a login mechanism is required for those sites that do not have LDAP

Add AuthSourceInternal and store passwords in the database

Related issues

blocks Foreman - Feature #62: Add a Generic DHCP library Closed 03/15/2010 03/15/2010

Associated revisions

Revision 7a4ec5cf7cd482e4adac225312aa02dbe82ff561
Added by Paul Kelly over 1 year ago

Fixes #145 - Added AuthSourceInternal

Added a password setting facility to the user class for AuthSourceInternal
Switched to SHA1
Changed :ldap to :login
Applied numerous fixes from Ohad Levy
Fixed malformed user page
Switched attr_accessible to attr_protected
Swiched prepare_password to a before_validation, otherwise validations will fail
Lots of test fixes!

Revision 686cb440d4bfacbcbf399b3f183562c8cdc8ee0f
Added by Ohad Levy over 1 year ago

requireing the sha1 library, refs #145

Revision 185db7c58ea271b4320e462736cb3c39b9b85319
Added by Ohad Levy over 1 year ago

refs #145, cleanup test

History

Updated by Ohad Levy about 2 years ago

  • Target version set to 0.3

Updated by Paul Kelly almost 2 years ago

  • Status changed from Assigned to Ready For Testing

fix in 81f679b87050484d9a7ec7ef55688687119993a1 on the new_iscdhcp_from_edge

Updated by Paul Kelly almost 2 years ago

  • Target version changed from 0.3 to 0.1-5
  • Branch set to feature/145-AuthSourceInternal

I have ported the edge code to develop
Tested the migrations, on-the-fly registration and password changing.
This is not made mandatory and is not used if settings lDAP is not enabled
Creates an internal "root" account

Updated by Paul Kelly almost 2 years ago

  • Subject changed from Authorization must be enforced when DNS and DHCP editing is enabled to Provide an internal authorization mechanism

Updated by Ohad Levy over 1 year ago

  • Target version changed from 0.1-5 to 0.1-6

Updated by Paul Kelly over 1 year ago

Fixed the code for 1.5 compatibility
Added some tests

I suggest that we change the name of SETTINGS[:ldap] to SETTINGS[:login] as it is currently misleading.

Updated by Paul Kelly over 1 year ago

switched to using SHA1 and stole some code from dish

Updated by Paul Kelly over 1 year ago

Added many improvements from Ohad
Many test fixes
Fixed issue where attr_accessible was breaking the logic
Switched to using attr_protected
Swiched prepare_password to a before_validation, otherwise validations will fail

Updated by Paul Kelly over 1 year ago

  • % Done changed from 0 to 100

Updated by Paul Kelly over 1 year ago

Update wiki and documentation before release

Updated by Ohad Levy over 1 year ago

  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF