summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth/Login
AgeCommit message (Collapse)AuthorFilesLines
2010-03-24Bug 553770: Make the JSON-RPC WebService throw a proper error when you don'tMax Kanat-Alexander1-4/+2
provide login credentials on a LOGIN_REQUIRED page. (Before this, it was attempting to display the HTML login page to JSON-RPC clients.) r=dkl, a=mkanat
2009-12-31Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxiesmkanat%bugzilla.org1-1/+1
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-12-31Bug 385606: Logincookies are recreated at each HTTP request when using the ↵lpsolit%gmail.com1-0/+1
'Env' auth method - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2009-11-24Bug 430014: Re-write the code hooks system so that it uses modules instead ↵mkanat%bugzilla.org1-1/+1
of individual .pl files Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat
2009-11-09Bug 525734: Allow WebService clients to authenticate using Bugzilla_login ↵mkanat%bugzilla.org1-5/+3
and Bugzilla_password Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-10-19Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric ↵lpsolit%gmail.com1-17/+8
Buclin <LpSolit@gmail.com> r/a=mkanat
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org1-11/+0
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-04-17Bug 488467: Verify and Login auth methods were being called in a random ↵mkanat%bugzilla.org1-1/+1
order, causing sudo sessions to frequently not need the user to re-enter their password. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2008-10-05Partial backout of bug 183665. It's responsible for bug 457719lpsolit%gmail.com1-1/+1
2008-08-18Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com1-3/+8
protects logins and param doesn't protect WebService calls at all Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat
2008-08-07Bug 438435: Need code hooks for authenticationmkanat%bugzilla.org1-4/+12
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
2008-07-29Backing out these patches as they cause a regression. More informationdkl%redhat.com1-3/+5
in the respective bug reports. Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2008-07-10Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com1-5/+3
protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
2007-11-15Bug 183665: Accessing post_bug.cgi directly gives a weird error message and ↵lpsolit%gmail.com1-1/+1
should redirect to enter_bug.cgi instead - Patch by Matt Tasker <mtasker@gmail.com> (based on the original patch from victory <spam@bmo2007.rsz.jp>) r/a=LpSolit
2006-08-20Bug 224577: Bugzilla could use a web services interface.wurblzap%gmail.com1-0/+7
Patch by Marc Schumann <wurblzap@gmail.com>; r=mkanat; a=myk
2006-07-06Bug 340967: The login form appears twice when trying to add an attachment ↵lpsolit%gmail.com1-0/+15
(due to two consecutive calls to Bugzilla->login) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-07-04Bug 338375: Use Bugzilla->params everywhere instead of Param().mkanat%bugzilla.org2-2/+0
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-07-04Bug 342869: Use Bugzilla->params everywhere except templatesmkanat%bugzilla.org2-5/+7
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-06-19Spelling in code comments patch: 'cokie' -> 'cookie'; patch by Vlad Dascalu ↵vladd%bugzilla.org1-1/+1
<vladd@bugzilla.org>.
2006-06-03Bug 340104: Move Bugzilla::Auth::get_netaddr() in Util.pm - Patch by ↵lpsolit%gmail.com1-2/+1
Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
2006-06-01Bug 339858: Remove useless module dependencies in Bugzilla::Auth::* - Patch ↵lpsolit%gmail.com3-3/+1
by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org8-655/+297
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-03-03Patch for bug 161369: Strip trailing whitespace from login usernames; patch ↵jocuri%softhome.net1-1/+1
by Paul <pdemarco@zoominternet.net>, r=vladd, a=justdave.
2006-02-22Bug 327355: Email preferences are not set correctly when the user account is ↵lpsolit%gmail.com1-101/+63
created by Env.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=justdave
2006-01-10Bug 322620: Logging in with 'Remember my Login' deselected gives: Use of ↵lpsolit%gmail.com1-0/+1
uninitialized value in string eq at Bugzilla/Auth/Login/WWW/CGI.pm line 83 - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2006-01-06Bug 322244: Cookies are incorrectly detainted when logging out - Patch by ↵lpsolit%gmail.com1-1/+1
Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2006-01-03Bug 119524: SECURITY: predictable sessionid (Use a token instead of ↵lpsolit%gmail.com1-4/+6
logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave
2005-11-22Bug 279716: Users have to relogin when changing their own password - Patch ↵lpsolit%gmail.com1-2/+12
by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave
2005-10-31Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Frédéric ↵lpsolit%gmail.com1-4/+0
Buclin <LpSolit@gmail.com> r=wicked a=justdave
2005-08-19Bug 304583: Remove all remaining need to rederive inherited groupsbugreport%peshkin.net1-0/+9
Patch by Joel Peshkin <bugreport@peshkin.net> r=mkanat, a=justdave
2005-07-26Bug 300403: New Charts errors out, creates new 'add' user, when Env auth ↵lpsolit%gmail.com1-2/+6
method is used - Patch by A. Karl Kornel <karl@kornel.name> r=wurblzap a=justdave
2005-07-26Bug 301967: Some .pm files have invalid POD syntax - Patch by Frédéric ↵lpsolit%gmail.com1-1/+3
Buclin <LpSolit@gmail.com> r=wurblzap a=justdave
2005-07-08Bug 298659: setting authentication to LDAP,DB failsmkanat%kerio.com1-2/+2
Patch By A. Karl Kornel <karl@kornel.name> r=glob, a=justdave
2005-07-08Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case ↵mkanat%kerio.com1-1/+2
insensitive Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2005-07-07Bug 268146: mod_security complain: Invalid cookie format: Cookie value is ↵lpsolit%gmail.com1-6/+2
missing #2 - Patch by Marc Schumann <wurblzap@gmail.com> r=kiko a=justdave
2005-05-12Bug 287436: [SECURITY] After having logged in, links to change the report ↵mkanat%kerio.com1-0/+2
type contain username and password Patch By Marc Schumann <wurblzap@gmail.com> r=gerv, a=justdave
2005-04-17Bug 290570: Bugzilla::Auth::WWW:Env uses bitwise OR - Patch by Simon ↵lpsolit%gmail.com1-1/+1
Wilkinson <simon@sxw.org.uk> r=kiko a=justdave
2005-04-08Bug 238877: remove %FORM from Bugzilla/Auth/Login/WWW/CGI.pm - Patch by ↵lpsolit%gmail.com1-2/+0
Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=justdave
2005-03-23Bug 258515: Errors when accessing Bugzilla over IPv6 - Patch by Marc ↵lpsolit%gmail.com1-5/+3
Schumann <wurblzap@gmail.com> r=joel, a=justdave
2005-03-13Bug 83044 - Any page is now capable of being a login page simply by adding ↵jake%bugzilla.org1-0/+1
the ?GoAheadAndLogin=1 option to the URL. All links have been changed to make index.cgi the default login page instead of query.cgi. r=joel, a=justdave
2005-03-05Bug 277782: _throw_error should unlock tables when tables are locked, ↵mkanat%kerio.com1-1/+1
automatically Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=travis, r=LpSolit, a=justdave
2005-02-20Bug 280499: Replace "TO_DAYS()" with Bugzilla::DB function callmkanat%kerio.com1-3/+4
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave
2005-02-19Bug 280494: Replace "SELECT LAST_INSERT_ID()" with Bugzilla::DB function callmkanat%kerio.com2-4/+2
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave
2005-01-16Patch for bug 260682: Support redirecting to HTTPS always or for ↵jocuri%softhome.net2-0/+11
authenticated sessions only; patch by Byron Jones (glob) <bugzilla@glob.com.au>, r=vladd, a=myk.
2004-10-21Patch for bug 232155: Remove uninitialized value warning from Pperl's ↵jocuri%softhome.net1-8/+3
Cookie.pm and unify code by removing redundancy; patch by Christian Reis <kiko@async.com.br> backported to 2.18 by Rob Siklos <rsiklos@adexa.com>; r=vladd,kiko, a=justdave.
2004-09-09Patch for bug 257303: convert lastused field in logincookies from timestamp ↵jocuri%softhome.net2-2/+3
to datetime; patch by Tomas Kopal <Tomas.Kopal@altap.cz>; r=vladd, a=justdave.
2004-08-11Bug 241903: Add Environment Variable Authentication for apache auth and SSObugreport%peshkin.net3-1/+194
patch by erik r=joel a=justdave
2004-07-31Bug 253588: Change Bugzilla->user to be usable even for a logged-out userbugreport%peshkin.net1-3/+1
patch by erik,joel r=kiko a=justdave
2004-07-29Missing bits of fix for bug 236678: Clean up access to COOKIE global.kiko%async.com.br1-8/+0
Murder the last remaining places in the tree where COOKIE is used; includes a rather thorough cleanup of Bugzilla::Bug->user and a minor doc update. r=joel, a=justdave.
2004-07-21Bug 241900: Allow Bugzilla::Auth to have multiple login and validation stylesbugreport%peshkin.net3-0/+484
patch by erik r=joel, kiko a=myk