summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth
AgeCommit message (Collapse)AuthorFilesLines
2006-05-31Bug 338573: Auth could throw an insecure dependency error if username is taintedmkanat%bugzilla.org1-0/+6
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-05-31Bug 320751: LDAP: Ability to have Bugzilla use the LDAP username directly as ↵mkanat%bugzilla.org1-5/+10
the Bugzilla username Patch By guillomovitch@zarb.org r=mkanat, a=myk
2006-05-16Bug 337661: LDAP user login failure: Can't locate object method "realname" ↵lpsolit%gmail.com1-1/+1
via package "Bugzilla::User" - Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit a=justdave
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org15-1008/+1002
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-03-04Patch for bug 216902: support LDAPS connections; patch by Christian Krause ↵jocuri%softhome.net1-3/+22
<chkr@plauener.de>, r=vladd, a=justdave.
2006-03-03Patch for bug 161369: Strip trailing whitespace from login usernames; patch ↵jocuri%softhome.net1-1/+1
by Paul <pdemarco@zoominternet.net>, r=vladd, a=justdave.
2006-03-01Fix invalid POD formatting (patch for fixing broken tree - runtests.pl, test ↵jocuri%softhome.net1-1/+1
11).
2006-02-22Bug 327355: Email preferences are not set correctly when the user account is ↵lpsolit%gmail.com1-101/+63
created by Env.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=justdave
2006-01-10Bug 322620: Logging in with 'Remember my Login' deselected gives: Use of ↵lpsolit%gmail.com1-0/+1
uninitialized value in string eq at Bugzilla/Auth/Login/WWW/CGI.pm line 83 - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2006-01-06Bug 322244: Cookies are incorrectly detainted when logging out - Patch by ↵lpsolit%gmail.com1-1/+1
Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2006-01-03Bug 119524: SECURITY: predictable sessionid (Use a token instead of ↵lpsolit%gmail.com1-4/+6
logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave
2005-11-22Bug 279716: Users have to relogin when changing their own password - Patch ↵lpsolit%gmail.com1-2/+12
by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave
2005-10-31Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Frédéric ↵lpsolit%gmail.com1-4/+0
Buclin <LpSolit@gmail.com> r=wicked a=justdave
2005-08-19Bug 304583: Remove all remaining need to rederive inherited groupsbugreport%peshkin.net1-0/+9
Patch by Joel Peshkin <bugreport@peshkin.net> r=mkanat, a=justdave
2005-07-26Bug 300403: New Charts errors out, creates new 'add' user, when Env auth ↵lpsolit%gmail.com1-2/+6
method is used - Patch by A. Karl Kornel <karl@kornel.name> r=wurblzap a=justdave
2005-07-26Bug 301967: Some .pm files have invalid POD syntax - Patch by Frédéric ↵lpsolit%gmail.com1-1/+3
Buclin <LpSolit@gmail.com> r=wurblzap a=justdave
2005-07-13Bug 300336: Bugzilla::Auth should not contain any exported subroutinesmkanat%kerio.com1-4/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2005-07-08Bug 298659: setting authentication to LDAP,DB failsmkanat%kerio.com1-2/+2
Patch By A. Karl Kornel <karl@kornel.name> r=glob, a=justdave
2005-07-08Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case ↵mkanat%kerio.com3-16/+10
insensitive Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2005-07-07Bug 268146: mod_security complain: Invalid cookie format: Cookie value is ↵lpsolit%gmail.com1-6/+2
missing #2 - Patch by Marc Schumann <wurblzap@gmail.com> r=kiko a=justdave
2005-05-12Bug 287436: [SECURITY] After having logged in, links to change the report ↵mkanat%kerio.com1-0/+2
type contain username and password Patch By Marc Schumann <wurblzap@gmail.com> r=gerv, a=justdave
2005-04-17Bug 290570: Bugzilla::Auth::WWW:Env uses bitwise OR - Patch by Simon ↵lpsolit%gmail.com1-1/+1
Wilkinson <simon@sxw.org.uk> r=kiko a=justdave
2005-04-08Bug 238877: remove %FORM from Bugzilla/Auth/Login/WWW/CGI.pm - Patch by ↵lpsolit%gmail.com1-2/+0
Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=justdave
2005-03-23Bug 258515: Errors when accessing Bugzilla over IPv6 - Patch by Marc ↵lpsolit%gmail.com1-5/+3
Schumann <wurblzap@gmail.com> r=joel, a=justdave
2005-03-13Bug 83044 - Any page is now capable of being a login page simply by adding ↵jake%bugzilla.org1-0/+1
the ?GoAheadAndLogin=1 option to the URL. All links have been changed to make index.cgi the default login page instead of query.cgi. r=joel, a=justdave
2005-03-05Bug 277782: _throw_error should unlock tables when tables are locked, ↵mkanat%kerio.com1-1/+1
automatically Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=travis, r=LpSolit, a=justdave
2005-02-20Bug 280499: Replace "TO_DAYS()" with Bugzilla::DB function callmkanat%kerio.com1-3/+4
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave
2005-02-19Bug 280494: Replace "SELECT LAST_INSERT_ID()" with Bugzilla::DB function callmkanat%kerio.com2-4/+2
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave
2005-02-09Bug 280994 : Move ValidateNewUser out of globals.pltravis%sedsystems.ca1-1/+1
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-02-01Bug 280124 : Move InsertNewUser to Bugzilla::Usertravis%sedsystems.ca1-1/+2
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-02-01Bug 278792 : Move Crypt() to Bugzilla::Authtravis%sedsystems.ca1-1/+1
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-01-16Patch for bug 260682: Support redirecting to HTTPS always or for ↵jocuri%softhome.net2-0/+11
authenticated sessions only; patch by Byron Jones (glob) <bugzilla@glob.com.au>, r=vladd, a=myk.
2004-10-21Patch for bug 232155: Remove uninitialized value warning from Pperl's ↵jocuri%softhome.net1-8/+3
Cookie.pm and unify code by removing redundancy; patch by Christian Reis <kiko@async.com.br> backported to 2.18 by Rob Siklos <rsiklos@adexa.com>; r=vladd,kiko, a=justdave.
2004-09-09Patch for bug 257303: convert lastused field in logincookies from timestamp ↵jocuri%softhome.net2-2/+3
to datetime; patch by Tomas Kopal <Tomas.Kopal@altap.cz>; r=vladd, a=justdave.
2004-08-11Bug 241903: Add Environment Variable Authentication for apache auth and SSObugreport%peshkin.net3-1/+194
patch by erik r=joel a=justdave
2004-07-31Bug 253588: Change Bugzilla->user to be usable even for a logged-out userbugreport%peshkin.net1-3/+1
patch by erik,joel r=kiko a=justdave
2004-07-29Missing bits of fix for bug 236678: Clean up access to COOKIE global.kiko%async.com.br1-8/+0
Murder the last remaining places in the tree where COOKIE is used; includes a rather thorough cleanup of Bugzilla::Bug->user and a minor doc update. r=joel, a=justdave.
2004-07-29Fix for bug 236678: Clean up access to COOKIE global. Murder the lastkiko%async.com.br1-6/+0
remaining places in the tree where COOKIE is used; includes a rather thorough cleanup of Bugzilla::Bug->user and a minor doc update. r=joel, a=justdave.
2004-07-21Bug 241900: Allow Bugzilla::Auth to have multiple login and validation stylesbugreport%peshkin.net6-20/+296
patch by erik r=joel, kiko a=myk
2004-07-12Backing out bug 241900bugreport%peshkin.net4-36/+19
2004-07-12Bug 241900: Allow Bugzilla::Auth to have multiple login and validation stylesbugreport%peshkin.net4-19/+36
patch by erik r=joel a=justdave
2004-03-27Fix for bug 226754: Move InvalidateLogins into Bugzilla::Auth::CGI. ↵kiko%async.com.br2-29/+35
Consolidates the logout code into Bugzilla::Auth::CGI, and provides simple front-end wrappers in Bugzilla.pm for use in the CGIs we have. r=bbaetz, joel; a=justdave. Adds a set of constants to the logout() API which allow specifying "how much" we should log out -- all sessions, the current session, or all sessions but the current one. Fixes callsites to use this new API; cleans and documents things a bit while we're at it. Part I in the great COOKIE apocalypse.
2004-03-18Bug 237864: clean up leftovers from the bug 192516 checkin (some occurances ↵justdave%syndicomm.com1-2/+2
of Token got missed) r= gerv, a= justdave
2004-01-17Fix for bug 90468: Bugzilla does not log out automatically when closingkiko%async.com.br1-7/+22
the session. Patch by toms@myrealbox.com (Toms Baugis), with minor cleanups by me. r=kiko, a=myk.
2003-12-07Fix for bug 226982: Move password change code into Bugzilla::Auth (partkiko%async.com.br1-28/+50
1). Factored code out from Bugzilla::Auth::DB->authenticate() into separate methods so we can use them externally. Add extra API to DB.pm, which is currently used only internally (pending part 2). r=bbaetz, a=justdave
2003-11-27Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide akiko%async.com.br1-1/+26
logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave
2003-10-26Bug 223093: correcting the title on "perldoc Bugzilla::Auth::DB"justdave%syndicomm.com1-1/+1
r= bbaetz, a= justdave
2003-09-14Bug 208699 - Move Throw{Code,Template}Error into Error.pmbbaetz%acm.org1-15/+16
r,a=justdave
2003-07-14Bug 122365 - Allow installation definable LDAP filtersbbaetz%acm.org1-2/+2
r,a=justdave
2003-06-23Bug 210324 - s/->err/->error/bbaetz%acm.org1-1/+1
r,a=justdave