Support a separate auth URL for external authentication #12697
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This will allow external auth to only do a single auth at login, which is requried by OTP configurations. https://bugzilla.redhat.com/show_bug.cgi?id=1390349
|
This PR depends on: ManageIQ/manageiq-appliance#101 |
|
Checked commit jvlcek@639a56e with ruby 2.2.5, rubocop 0.37.2, and haml-lint 0.16.1 |
|
@himdel Can you please review the UI changes? |
|
👍 on authentication changes. will need some more testing for ext-auth against AD. Also, separately might need an rpm .spec change (post section) to update the /etc/httpd/conf.d/manageiq-external-auth.conf file in place if present. so customers that have ext-auth configured and upgrade to CFME 5.7 will not have to reconfigure. |
|
This change represents a team effort with much input from @abellotti |
martinpovolny
changed the title
|
The code changes look good, tested that the websocket notification authentication works too .. 👍 :) |
|
I have successfully tested this fix with Ext Auth SSSD/LDAP |
chessbyte
pushed a commit
that referenced
this pull request
Nov 21, 2016
Support a separate auth URL for external authentication (cherry picked from commit ad93833) https://bugzilla.redhat.com/show_bug.cgi?id=1397091
|
Euwe Backport details: $ git log -1
commit 686bf6f7173062e4a76031a9a00def67cfea7ca1
Author: Gregg Tanzillo <gtanzill@redhat.com>
Date: Mon Nov 21 10:11:24 2016 -0500
Merge pull request #12697 from jvlcek/master_bz1390349_2fa
Support a separate auth URL for external authentication
(cherry picked from commit ad9383313d627499906d7ee44ee00c9f22341265)
https://bugzilla.redhat.com/show_bug.cgi?id=1397091 |
|
Darga Backport conflict: $ git cherry-pick -e -x -m 1 ad93833
error: could not apply ad93833... Merge pull request #12697 from jvlcek/master_bz1390349_2fa
hint: after resolving the conflicts, mark the corrected paths
hint: with 'git add <paths>' or 'git rm <paths>'
hint: and commit the result with 'git commit'
$ git status
On branch darga
Your branch is up-to-date with 'upstream/darga'.
You are currently cherry-picking commit ad93833.
(fix conflicts and run "git cherry-pick --continue")
(use "git cherry-pick --abort" to cancel the cherry-pick operation)
Changes to be committed:
modified: app/assets/javascripts/miq_application.js
modified: app/views/dashboard/login.html.haml
modified: config/routes.rb
Unmerged paths:
(use "git add <file>..." to mark resolution)
both modified: app/controllers/dashboard_controller.rb
$ git diffdiff --cc app/controllers/dashboard_controller.rb
index 5e2f35f,6968355..0000000
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@@@ -1,13 -1,19 +1,22 @@@
class DashboardController < ApplicationController
- include DashboardHelper
- include StartUrl
-
- menu_section :vi
-
@@items_per_page = 8
++<<<<<<< HEAD
+ before_action :check_privileges, :except => [:csp_report, :window_sizes, :authenticate, :kerberos_authenticate,
+ :logout, :login, :login_retry, :wait_for_task,
+ :saml_login, :initiate_saml_login]
+ before_action :get_session_data, :except => [:csp_report, :window_sizes,
+ :authenticate, :kerberos_authenticate, :saml_login]
++=======
+ before_action :check_privileges, :except => [:csp_report, :authenticate,
+ :external_authenticate, :kerberos_authenticate,
+ :logout, :login, :login_retry, :wait_for_task,
+ :saml_login, :initiate_saml_login]
+ before_action :get_session_data, :except => [:csp_report, :authenticate,
+ :external_authenticate, :kerberos_authenticate, :saml_login]
++>>>>>>> ad93833... Merge pull request #12697 from jvlcek/master_bz1390349_2fa
after_action :cleanup_action, :except => [:csp_report]
- after_action :set_session_data, :except => [:csp_report]
+ after_action :set_session_data, :except => [:csp_report, :window_sizes]
def index
redirect_to :action => 'show' |
|
Backported to Darga via #12779 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This will allow external auth to only do a single auth at
login, which is requried by OTP configurations.
https://bugzilla.redhat.com/show_bug.cgi?id=1390349