vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
3270 commits 2 branches 62 tags 205 MiB
Commit graph

19 commits

Author SHA1 Message Date
Joseph Schorr
f6fea27c12 Fix encrypted password generator to use the LDAP username, not the Quay username. 
Currently, we use the Quay username via `verify_user` when we go to create the encrypted password. This is only correct if Quay has not generated its own different username for the LDAP user, and fails if it has. We therefore add a new method `confirm_existing_user`, which looks up the federated login for the LDAP user and then runs the auth flow using that username.
 2015-05-26 16:05:36 -04:00
Joseph Schorr
88ece113ee Explicitly enable LDAP referrals 
Note: The mock LDAP system doesn't support referrals, so we can't add a unit test for this.
 2015-05-26 16:05:36 -04:00
Joseph Schorr
07b4fb9105 LDAP sometimes has multiple records for a user 2015-05-12 12:02:09 -04:00
Joseph Schorr
efab02ae47 LDAP improvements: 
- Better logging
  - Better error messages
  - Add unit tests
  - Clean up the setup tool for LDAP
 2015-05-11 21:23:18 -04:00
Joseph Schorr
1c83def15b LDAP should only show logs when asked. 2015-05-11 13:01:49 -04:00
Joseph Schorr
f9c1f123c2 Add better debugging to LDAP 2015-05-08 14:19:32 -04:00
Joseph Schorr
a7b6cb5c23 Fix handling of byte strings and large ints 2015-03-26 17:45:43 -04:00
Joseph Schorr
c4a2574b0d Clarify unencrypted password error message 2015-03-26 16:23:28 -04:00
Joseph Schorr
f8afd8b5ce Make sure to parse the big int into a byte string 2015-03-26 16:13:35 -04:00
Joseph Schorr
4d1792db1c getrandbits creates an int, not a float 2015-03-26 15:47:44 -04:00
Joseph Schorr
aaf1b23e98 Address CL concerns and switch to a real encryption system 2015-03-26 15:10:58 -04:00
Joseph Schorr
d23bb6616d Fix error message to exactly match current output 2015-03-26 13:22:16 -04:00
Joseph Schorr
e4b659f107 Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords 2015-03-25 18:43:12 -04:00
Joseph Schorr
a36266f758 Add LDAP tracing 2015-02-27 17:01:46 -05:00
Jake Moshenko
33b43b75c0 Eliminate a lot of the if cases in create_user by separating them out. Add a limit to the number of users which can be created based on the license. Add support for creating and loading licenses. 2014-05-28 13:51:52 -04:00
Jake Moshenko
628d09afe0 Remove the passwd attr ldap config. 2014-05-13 15:52:20 -04:00
Jake Moshenko
2da8b4737e Fix the registry to work with unicode usernames in LDAP. 2014-05-13 15:22:31 -04:00
Jake Moshenko
5fdccfe3e6 Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call. 2014-05-13 12:17:26 -04:00
Jake Moshenko
027ada1f5c First stab at LDAP integration. 2014-05-09 17:39:43 -04:00