#
a0b5b007 |
| 13-Oct-2008 |
Chris Smith <chris.eureka@jalakai.co.uk> |
Fix for FS#1050
Update cookie and session with new details after an "update profile" action
darcs-hash:20081013122958-f07c6-244b949b074ac73711c61833f1fa663e55da19c7.gz
|
#
17f89d7e |
| 12-Oct-2008 |
Michael Klier <chi@chimeric.de> |
FS#564 FS#1270 new option to disable the rememberme checkbox
darcs-hash:20081012144253-23886-c904f82c559c3ad5477bf921e93cb439a212134d.gz
|
#
b2c0d874 |
| 12-Oct-2008 |
Gina Haeussge <osd@foosel.net> |
Fail silently if trying to login through supplied HTTP credentials (FS#1228)
darcs-hash:20081012131042-2b4f5-029f4f0ffa6c89e23653584c8bb41db78834cc73.gz
|
#
e16eccb7 |
| 11-Oct-2008 |
Guy Brand <gb@isis.u-strasbg.fr> |
Empty breadcrumbs on logout (see FS#979)
darcs-hash:20081011161458-19e2d-97001154886654be84d70b1b140743b124a1c763.gz
|
#
e9621d07 |
| 11-Oct-2008 |
Andreas Gohr <andi@splitbrain.org> |
reopen the session in auth_logoff FS#1484
To clean data from the session correctly on logout, the session needs to be reopened.
darcs-hash:20081011092157-7ad00-e5cc905b6e04b13fe667690c0e6aad68524254f1.gz
|
#
f5c6743c |
| 12-Sep-2008 |
Andreas Gohr <andi@splitbrain.org> |
more cookie security FS#1490
This patch adds the httponly option to the PHP session cookies and DokuWiki's auth cookie when supported by the PHP version.
It also adds a new config option 'securecookie' which is enabled by default. It makes sure the browser will not send a cookie set via HTTPS over a non-secured connection. This option has to be disabled for wikis that only protect the login with SSL but not the whole wiki.
darcs-hash:20080912224922-7ad00-d5275147ba9d17a9f6defa8a51ca720da74ba8a0.gz
|
#
7d3c8d42 |
| 17-Aug-2008 |
Gabriel Birke <Gabriel.Birke@delti.com> |
Wrap user modifications in events
Adds a wrapper function in the basic auth class which is used by the core code to modify the user database. The wrapper function signals events and delegates the action to the auth backend.
darcs-hash:20080817141121-79ce3-3300a4342b62a7a18ebcc9a765d87b30a0264621.gz
|
#
577c7cda |
| 28-Jul-2008 |
Andreas Gohr <andi@splitbrain.org> |
Enhancements for password hashing (maybe fixes FS#1440)
This patch adds support for Apache style salted MD5 hashes (apr1). It also fixes smd5 for systems where crypt() does not support MD5 hashes.
Unit tests were added.
darcs-hash:20080728181616-7ad00-d0980557111cb05662ea1bcf4a78aa2b74ac90d0.gz
|
#
34aeb4af |
| 08-Jun-2008 |
Andreas Gohr <andi@splitbrain.org> |
check ACLs correctly if only groups but no user is given FS#1415
When only an array of groups but no username were passed to auth_aclcheck() it defaulted to use the @ALL group only. This is not critical because this does not happen anywhere in the code.
Only exception is when building the plain English explanation of an ACL rule in the ACL manager.
darcs-hash:20080608101051-7ad00-0abd42f84c04473ad4fca149893a1b4d931ece48.gz
|
#
09c2d803 |
| 03-Jun-2008 |
Andreas Gohr <andi@splitbrain.org> |
reopen the session for storing the auth token
darcs-hash:20080603203138-7ad00-cce00e99b64c53b6ffa11748262a3a8c2cd1e37e.gz
|
#
f13fa892 |
| 03-Jun-2008 |
Andreas Gohr <andi@splitbrain.org> |
authentication via session tokens
This patch adds a way to create a token for an authenticated user which is stored in the session. When a subsequent request resends this token, the request will be authenticated automatically without the need for any cookies or credential rechecking.
The auth token expires with the session. Requesting a new token will invalidate the old one. Sending a wrong token will result in a 401 and any existing token will be revoked.
This is currently not used anywhere in the code but can be used for browser initiated client software (flash, applets, ...).
Note this is unrelated to the anti CSRF sectoken implementation.
Users who want to make use of this mechanism will probably need to pass the session id and a valid sectoken in addition to the authtoken.
darcs-hash:20080603193450-7ad00-2f35ddde16a31c4f2699e0e6050b3c4277b2bc64.gz
|
#
cf626a62 |
| 15-Mar-2008 |
Andreas Gohr <andi@splitbrain.org> |
Fix for password updates FS#1352
darcs-hash:20080315105202-7ad00-455d343db7d52a5af92361719bee1d60b6c8107d.gz
|
#
7651d633 |
| 27-Feb-2008 |
Guy Brand <gb@isis.u-strasbg.fr> |
Superuser and manager now can be comma separated lists
This patch allows $conf['superuser'] and $conf['manager'] to be lists of values instead of only a single value. So one can put:
$conf['superuser']
darcs-hash:20080227142515-19e2d-c160914589f71531583e7ddaab1fc6a81996efa1.gz
|
#
85d03f68 |
| 26-Feb-2008 |
Andreas Gohr <andi@splitbrain.org> |
fix usage of is_admin in auth_aclcheck
There were a few problems with name encoding for groups and users introduced in the recent aclcheck change
darcs-hash:20080226172257-7ad00-d591f0d2f2219a2b23f93060c65b8fb5f46bd1d7.gz
|
#
df466c7a |
| 15-Feb-2008 |
Andreas Gohr <andi@splitbrain.org> |
Use auth backend to verify password on profile update FS#1328
darcs-hash:20080215154316-7ad00-d052e2eed8e47e62ff639cd66d7debb4bfd293fc.gz
|
#
7172dbc0 |
| 15-Feb-2008 |
Andreas Gohr <andi@splitbrain.org> |
Make session reference file check overridable for auth backends
darcs-hash:20080215121716-7ad00-35d275212e0e3c41626ed64d9096aad10f4ad2db.gz
|
#
9ec82636 |
| 15-Feb-2008 |
Andreas Gohr <andi@splitbrain.org> |
invalidate all user session cache when userdatabase is changed FS#1085
A reference file is now stored in data/cache/sessionpurge and is used to check if user sessions are still valid.
To accommodate for slow auth backends DokuWiki caches user info for a certain time in the user session.
darcs-hash:20080215114923-7ad00-6874d5211efce7d07e54de37244becc2387c1ba7.gz
|
#
4c21b7ee |
| 13-Feb-2008 |
Andreas Gohr <andi@splitbrain.org> |
make sure not supported profile fields are not accepted FS#1329
darcs-hash:20080213214505-7ad00-8ff1974ccbab38168f95072faaeb53134f95b926.gz
|
#
7adba38c |
| 12-Feb-2008 |
Guy Brand <gb@isis.u-strasbg.fr> |
Have aclcheck use auth_isadmin
darcs-hash:20080212213222-19e2d-d8a2261fa83d6482afe213ffb41611ae723811de.gz
|
#
90583e9f |
| 02-Nov-2007 |
Andreas Gohr <andi@splitbrain.org> |
fix problems if $USERINFO['grps'] is not set
darcs-hash:20071102181850-7ad00-9c2c9b0ef953274b8abdadd95c53e8f4e1982810.gz
|
#
00976812 |
| 30-Sep-2007 |
Andreas Gohr <andi@splitbrain.org> |
don't use realpath() anymore (FS#1261 and others)
The use of realpath() to clean up relative file names caused some trouble in certain setups relying on symlinks or having restrictive file structure setups.
This patch replaces all realpath() calls with a PHP only replacement which should solve those problems.
darcs-hash:20070930184250-7ad00-512ff04c95f57fc9eaf104f80372237a3c94286f.gz
|
#
1b2a85e8 |
| 30-Aug-2007 |
Andreas Gohr <andi@splitbrain.org> |
Part 2 of the SecurityToken patch to avoid CSRF attacks
This patch adds a security token to all forms generated through the new form class. However it is only checked for possible dangerous actions like editing or profile changes.
darcs-hash:20070830191429-7ad00-445efea47a09a4823dfe9e3434ba5b355a80daf6.gz
|
#
1a9ae8e5 |
| 19-Aug-2007 |
Andreas Gohr <andi@splitbrain.org> |
quote fix in auth_nameencode
darcs-hash:20070819211829-7ad00-7f2dbd3d7ad6b4568b8f34209fbcffda6e110f4c.gz
|
#
00ce12da |
| 05-Aug-2007 |
Chris Smith <chris@jalakai.co.uk> |
Protect auth_ismanager() from auth modules that don't always provide group data in array (FS#1196)
darcs-hash:20070805203312-d26fc-cab8dbfff8a2d5f7299fa4462771bafc00135728.gz
|
#
1ec50243 |
| 25-Jun-2007 |
Andreas Gohr <andi@splitbrain.org> |
fix for recent auth change
darcs-hash:20070625210929-7ad00-034c5839bbca3e697d360f72dffcf9d927fea755.gz
|