Commits on Dec 6, 2012
  1. documentation updates uaac etc

    Brad Midgley committed Dec 6, 2012
    Change-Id: If04dd69fbebc00e68f077980df3acc9b92cbaf32
Commits on Dec 4, 2012
  1. [cfid-368] Preserve case of username in ScimUser

    dsyer committed Dec 4, 2012
    [Fixes #40593105] [cfid-368] username should preserve case
    
    Change-Id: I76d6b3179f510538ee190ff1e72c9879d73e8d0a
Commits on Nov 30, 2012
  1. don't raise exception on empty search result

    daleolds committed Nov 30, 2012
    [delivers #40460601]
    
    Change-Id: I37942d222901f18fe2262b0eeb5eeaf5df82845a
Commits on Nov 29, 2012
  1. [cfid-332] Reset account lockout counter when password is changed

    dsyer committed Nov 29, 2012
    All the admin user or client has to do is reset the user's password
    and the lockout timer is started again.
    
    [Fixes #39907125] need to be able to reactivate a user account and reset password
    [Fixes #40368551] Duplicate audit event for password change
    
    Change-Id: Ifbbd5636e6193447a5604a815492c85c3c1c5af7
  2. Optimize singleton creation in Yaml processors

    dsyer committed Nov 29, 2012
    Change-Id: I60d989765584411f37c1ff7f2120d0e3d9ce8569
  3. [cfid-357] Move autoapprove to client registration

    dsyer committed Nov 29, 2012
    The old oauth.client.autoapprove is still used by the
    ClientAdminBootstrap but now it just overrides settings
    in the client details themselves.  So this is preferred:
    
      oauth:
        clients:
          foo:
            scope: ...
            authorized-grant-types: ...
            autoapprove: true
    
    or
    
      oauth:
        clients:
          foo:
            scope: ...
            authorized-grant-types: ...
            autoapprove:
              - openid
              - cloud_controller.read
    
    [Fixes #40345221]
    
    Change-Id: I0460ebd0bfe471d4a61f718d1eb0002ebb2c0cb4
Commits on Nov 28, 2012
  1. [cfid-348] Refactor app sample to use UAA scopes

    dsyer committed Nov 8, 2012
    This change doesn't affect the server (provider) features of the UAA
    but it does alter the way that the sample client works, and provides
    additional library features to support that.  The basic idea is
    that a client app can interrogate the token scopes and use them to
    provide role-based (or other) authorization locally. The sample does
    this with the /check_token endpoint (hence the app has to be a
    uaa.resource), but it could in principle work with local decoding too.
    
    Also inspired by problems encountered with a bug that surfaced in the
    dashboard:
    
    [#39194235] [cfid-300] User authenticated by Login Server only has restricted authorities (uaa.user)
    
    Change-Id: I01e760fbe7b9689263af61a2165f8b0432342ac1
Commits on Nov 27, 2012
  1. Users can be created without given and family names

    joeldsa committed Nov 27, 2012
    [#40808947]
    
    Change-Id: I882fb10fbc77bb7a975dc855a5f40016aaa228a2
  2. Bumped the version of the UAA to 1.3.0.

    joeldsa committed Nov 27, 2012
    Change-Id: I455e806932349e8c732f7e588dafa320eff7bf23
  3. Remove legacy application examples from the README

    joeldsa committed Nov 26, 2012
    Change-Id: I2b9b589a7ad1bfa37aec58604d9f36a23b784a04
  4. Removed unnecessary validation causing user bootstrap to fail

    joeldsa committed Nov 27, 2012
    The unnecessary validation on given name and family name was
    preventing us from bootstrapping a user that did not have a
    given name and family name.
    
    Additional bug fix to a schema file as well.
    
    [#40536601]
    
    Change-Id: If1c84a8db97cf5caba376815e47b9a850afb5266
  5. Fixed group update to remove members if none are sent.

    joeldsa committed Nov 26, 2012
    [#40594865]
    
    Change-Id: Id219bb4aac8c5e53c7662512de359ffb6e1f02e3
  6. Update maven build to gatling 1.3.5

    dsyer committed Nov 27, 2012
    Change-Id: Icab1d676cae4697445ffd0c63278417f19cd1d66
  7. Merge "Update to gatling 1.3.5" into develop

    dsyer committed with Gerrit Code Review Nov 27, 2012
  8. Update to gatling 1.3.5

    tekul committed Nov 27, 2012
    Also reset the number of users to 10000. Simplified Readme to only
    describe using sbt to run the tests. Added auth code check to
    fail authorization code flow at the point where it fails to get
    an auth code, rather than the subsequent token request.
    
    Change-Id: Iddd1ddef27e7a04eac389e869f0cfec7e1ea80c0
  9. Add defensive retry for lock failures in token store

    dsyer committed Nov 27, 2012
    Change-Id: I0774f58793d225398d5243e690f470657f8cce7c
Commits on Nov 26, 2012
  1. Changed group attribute from membershipType to Type

    joeldsa committed Nov 26, 2012
    This is done to match the SCIM spec.
    
    [#40653593]
    
    Change-Id: I477515dc997d6161d635b8543641d93e93f48e79
  2. Fix login server name in gatling tests.

    tekul committed Nov 26, 2012
    Also added a vmc failed login scenario and some other
    minor changes.
    
    Change-Id: I65f66226db754bf1f5b824278d7b69e26fd6826e
  3. [cfid-347] Integration test failures with postgresql

    dsyer committed Nov 26, 2012
    [Fixes #40112407]
    
    Change-Id: Ifb61fded4a0e031161367391a87f4deb1c60a26c
  4. [cfid-47] Change DDL scripts to allow mixed case username...

    dsyer committed Nov 26, 2012
    ...but preserve case-insensitivity in queries.
    
    [Fixes #35352693] [cfid-47] username should preserve case
    
    Change-Id: I9f016d884d230e8e8ee1c50383abf25b0679a928
Commits on Nov 23, 2012
  1. [cfid-196] allow familyname and givenname to be null

    dsyer committed Nov 23, 2012
    [Fixes #37643127]
    
    Change-Id: I07e13a318d04ec2a854a8213af40b8b1609f6f25
Commits on Nov 22, 2012
  1. [cfid-249] move any state needed across UAAs to shared storage

    dsyer committed Oct 31, 2012
    Added a JDBC store for the existing TokenStore and
    AuthorizationCodeServices.  The necessary tables are
    created on startup.
    
    [Fixes #38710949]
    
    Change-Id: Ibaa299ef232d22fa7758a8cf26c40768c4c08913
  2. [cfid-241] More tidying up on audit

    dsyer committed Nov 22, 2012
    The origin field on the audit records was messy (just a toString
    of authentication details which might not yield anything interesting).
    Added details of client and remote ip address if known.
    
    [Fixes #38648335]
    
    Change-Id: Iaced62a19ef784899f74bfe1c286d2c67afd04a2
  3. [cfid-42] Add refresh_token grant automatically

    tekul committed Nov 21, 2012
    When a client is created which has authorization_code grant type but is
    missing refresh_token, the latter will be silently added. This prevents
    problems when users accidentally forget to ask for this grant type when they
    actually need it. [Fixes #35577857].
    
    Change-Id: I1f5a87753256d82f244dc067ad3314d978864c68
  4. [cfid-283] Remove dependencies on scim from lower level packages

    dsyer committed Nov 22, 2012
    I think SCIM could be extracted into its own library at this point.  Let's try and keep
    it that way.
    
    [Fixes #39073217] [cfid-283] Remove cycles between authentication, audit and event packages in uaa
    
    Change-Id: I8a407100c209d2b3958df086ecb2f1c3adb0ee79
Commits on Nov 21, 2012
  1. [cfid-283] Remove cycles in password and scim

    dsyer committed Nov 21, 2012
    [Fixes #39073217]
    
    Change-Id: Ifcb265d229c97ee6a66f9ec49bbabd5e3206e6c2
  2. [cfid-283] Remove dependency between authentication and scim

    dsyer committed Nov 21, 2012
    [Fixes #39073217]
    
    Change-Id: Id78b26427dede21b1b0d1c85735d0ec81407f607
  3. [cfid-283] Remove cycles between authentication, audit and event packages

    dsyer committed Nov 21, 2012
    
    Radical refactoring of audit features so that each functional area that needs
    it can implement its own features, so while everyone has to depend on the
    audit package, the audit package is independent. Hopefully much cleaner.
    
    [Fixes #39073217]
    
    Change-Id: Iefa6e7ab5a9ed1717726923c475e28bc3fc39dfb
  4. [cfid-337] Remove login sample

    dsyer committed Nov 21, 2012
    The real login-server has its own repo now, so that should be
    a good enough reference point (together with the ruby sample)
    
    [Fixes #39928121] Remove login sample (Java)
    
    Change-Id: Ia6cbb5042a25f7bff50bc75c5e8185711391d202
  5. Externalize aspectj version config

    dsyer committed Nov 21, 2012
    Change-Id: Ibbc7f8db9513b9635d27aa9cefe0e45bf4df82d7
  6. Merge "[cfid-243] Add gatling scalability tests for SCIM groups" into develop

    dsyer committed with Gerrit Code Review Nov 21, 2012
  7. [cfid-243] Add gatling scalability tests for SCIM groups

    vedyval committed Nov 8, 2012
    Fixes [#38680733]. Scenarios under test:
    1. Effect of LARGE number of groups on the /Groups and /Users endpoints
    2. Effect of 20-odd nested groups on GET /Users/{userId}
    3. Operations involving groups with LARGE number of members, like (nUsers-1)
    
    Change-Id: Ia1e97bde1e6e747b4cb289fabe2be7c941b9f2d2
Commits on Nov 20, 2012
  1. [cfid-331] Prevent cycles in nested groups from causing an infinite recursion

    vedyval committed Nov 20, 2012
    
    Preventing formation of cycles in the group hierarchy during create or update will be
    tricky (multiple points in code where we will have to do this), and also expensive
    compared to what it will gain us in exchange. Detecting an existing cycle on the other
    hand is fairly straightforward AND contained to one flow - GET /User/{id} where we
    recursively compute the groups that a user is part of.
    
    Fixes [#39895111].
    
    Change-Id: I3516b2000a42e704918379ce13af6b68f37f0d48
  2. Make sure a group cannot be nested within itself

    vedyval committed Nov 20, 2012
    Prior to this fix, UAA would let users create/update a group such that the group is a
    member of itself. This would cause an infinite loop when trying to GET a member user
    from the /Users endpoint.
    
    Fixes [#39893867].
    
    Change-Id: Iec4f389480db084ef070b0e51541d02587c77875
  3. [cfid-241] Add audit events for client registration and secret changes

    dsyer committed Nov 20, 2012
    * new events for create, update and delete client
    * better tests
    
    [Fixes #38648335]
    
    Change-Id: Ifbc60be0c34865c1f938785a4d7cf47452864103