738dcf53cdbddc9f941ca40c8db8dcf3e472eca5 |
|
09-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4217 - Align with CUI-111 and 21dcdac9 to properly use managed/user authzRoles. Still blocked by OPENIDM-4246 |
8de83bfc752334ab207e12a65b75105792adaa80 |
|
07-Oct-2015 |
chad.kienle <chad.kienle@forgerock.com> |
[OPENIDM-3469] reverted change or internal "roles" to "authzroles" |
956fdc37b33e1fca00177e7815e966feae128d20 |
|
07-Oct-2015 |
chad.kienle <chad.kienle@forgerock.com> |
[OPENIDM-3469] Updated logic to process user's internal roles as
relationship objects. |
48a99a679220c6522d8b11dc1305f7780ae02a8e |
|
07-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-7438 - OPENIDM-3344 - Separate different role types into different fields for managed/user |
194cdefb77cf5217ac87c29c6412db51bd6b8c8d |
|
10-Feb-2015 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-340 (CR-5999) Add "static user" auth module to authenticate anonymous user
against module config to avoid repo read for self-registration use-cases. |
ca9cecf8aad26de692a51049e26d3374dc97f975 |
|
30-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1708 (CR-3633)
Support reauth for any auth module configured in authentication.json.
* AuthenticationService now handles requests on /authentication, replaciing
AuthFilter which was not a filter, and did not fully handle reauth.
* Authenticators are used from both JASPI auth modules and AuthenticationService
to provide the authentication--either with Http headers in the case of the
auth modules, or from the authcid in the HttpContext and the reauth header
in the case of reauthentication.
* AuthenticationService now satisfies the AuthenticationConfig service for
the purposes of OSGiAuthFilterBuilder's access to the config to build the
JASPI CAF.
* The duplicative managed/user config at the top of the sample authentication.json
files are now removed, thus satisfying OPENIDM-1781. |
b4260bb3e2303240ecf6c7e4e5639439c3f98889 |
|
27-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1762 (CR-3586)
Additional decoupling of auth module role calculation and security context
population from auth module validation code. Notably:
* factor out basic auth code to allow PassthroughModule to support both basic auth and X-OpenIDM- header auth.
* remove IWAPassthroughModule in favor of using auth module configuration to control order of execution
* separate client cert auth into its own module, supporting an list of "allowedAuthenticationIdPatterns"
to compare against the subject DN
* remove static dependency on OSGIAuthnFilterBuilder for injection of OSGi artifacts - improves testability |
c6e4938694c8db79b7ae39fa470c5c8f4f438691 |
|
12-May-2014 |
Phill Cunnington <phill.cunnington@forgerock.com> |
CAF-93/CAF-103 - Reverting file changes made for testing |
0c3f79f75f596c8d6700b2de830000f754bb28a9 |
|
12-May-2014 |
Phill Cunnington <phill.cunnington@forgerock.com> |
CF-2495 - CAF-93/CAF-103 - Session integration with OpenAM via common session module |
5309610b8d1ba235e0f581d610fd484dc9824075 |
|
26-Mar-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1687
Still more userId/authenticationId mixups |
69e51fd9ebc0e3eddea6130a9cac4f9978b08b60 |
|
26-Mar-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1687
Missed a userId -> authenticationId in config |
56cbc2397b26fdd0e57ceb78657514d88f260e80 |
|
19-Mar-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-3215 - OPENIDM-1683 - Pass-through authentication support for enduser ui |
932eacec6c157231777c9b1d1326c8ed1f0a8d99 |
|
14-Mar-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-140 (CR-3137)
Add support for per-auth module security context augmentation script. |
ec5fbbb48cbc6d0bc2d495fb21d34129e14d935e |
|
21-Jan-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
Setting jwt to be session-only by default |
b56234d54a46cb5aad928863f8a859683d05082e |
|
15-Jan-2014 |
Phill Cunnington <phill.cunnington@forgerock.com> |
OPENIDM-1556 Update IDM Jaspi authentication configuration to work with forgerock-auth-filters 1.3.0-SNAPSHOT updates |
4098d8e8496291ef7a21f5f36fabd292d12f8cdb |
|
12-Dec-2013 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/FR-20 - Pulling in numerous updates to common ui from bridge work
http://sources.forgerock.org/cru/FR-22 - Updates to pass-through auth config and script to be more flexible with choice of ldap backend |
36ad89406448dee2c2c3589e6f658299c99e8a9a |
|
05-Nov-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
IB-448 - CR-2548 - JWT cookie should be browser session only, rather than persistant |
c352aa88914fc8e9ddd649eb2688dd7e8ef9f258 |
|
04-Oct-2013 |
Brendan Mmiller <brendan.miller@forgerock.com> |
Allow the location of the authnPopulateContext.js script to be customisable
(r2490 from trunk |
8b46d9cadd39222ab850a33499b2177092a3d9d3 |
|
25-Sep-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
IB-600 - CR-2356 Allow the location of the authnPopulateContext.js script to be customisable |
e492c2715769a2d88e4c4c3279a627421f9f94b6 |
|
15-Aug-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
OPENIDM-1442 - CR-2169 Integrate Commons Authn Filter into OpenIDM CREST v2.0.0 branch |
56915532b4b25af7bed7eb892453730826dca372 |
|
22-Jul-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Missing short name for auth module in authentication.json |
62d99415354b3fefa7794fa5f5b3a086533b8704 |
|
17-Jul-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Change the way the authentication.json file is read, made servlet filter registered in code - issue with specifying augment security context scripts |
d4b048490b8644f99322f2751825f10fed166695 |
|
04-Jul-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Fixed typo in jwt session module class name |
b041e305ce6da9402641052585909a9c126f0ddb |
|
03-Jul-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Review comments changes |
2ad421be82e7713aff140f6b5b2d7992e949a23e |
|
03-Jul-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
merging authnfilter.json into authentication.json |
b7b78145894d7034627d0c88acf89b582c9bb383 |
|
19-Jun-2013 |
Phill Cunnington <phill.cunnington@forgerock.com> |
Updates based on review comments from previous CR |
27b2ac15d8015fcdd3a940b10e788f408903670e |
|
13-Sep-2012 |
mbilski <mbilski@localhost> |
CR-607 CR-630
- ui divided into three modules,
- customizable forms,
- new dashboard & apps views,
- js refactoring,
- apps request approval simple workflow,
- users table pagination |
345f2ea93746a7db75e68688ea1611ba532f73e1 |
|
31-Jul-2012 |
Travis Hall <travis.hall@forgerock.com> |
Actually applying changes outlined in r1119.
Not sure why they weren't committed with the last one. Fixed! |
41b8a41890ba8f4574304c7ef42effe818413348 |
|
25-Jul-2012 |
mbilski <mbilski@localhost> |
- logging in as openidm-admin (internal_user)
- form validation msg next to submit button in registration
- fixed problems reported in CR-485 & CR-490
- functional tests update
- removed profiles |
9174320881e637a98941982124bf59bc8b9859ae |
|
22-Dec-2011 |
Jamie Nelson <jamie.nelson@forgerock.com> |
remove file based authentication entries |
19ffdadfbe9007be2433f689635964053ca76422 |
|
22-Dec-2011 |
Jamie Nelson <jamie.nelson@forgerock.com> |
add conf/authentication.json for auth configuration |