Ruben S. Montero
9361376e90
feature #1288 : Managers can now execute synchronous actions
2012-05-31 18:38:14 +02:00
Ruben S. Montero
e192b6348b
feature #1288 : Moved AuthRequest to its own file to prepare a generic synchronous request interface
2012-05-31 16:51:07 +02:00
Ruben S. Montero
552d370593
feature #1288 : Better integration for Quotas with RequestManager
2012-05-30 02:20:16 +02:00
Ruben S. Montero
d6beb1fb06
feature #1288 : Work on Quota interface. Integration with authZ/authN system
2012-05-29 00:36:13 +02:00
Carlos Martín
a76be30312
Feature #1096 : Change authorization MAD definition to detect if there is any authZ driver enabled
2012-04-11 18:02:15 +02:00
Jaime Melis
a2b7cb6bc9
Bump to version 3.2.0
2012-01-12 12:29:18 +01:00
Carlos Martín
d36e3f1cf9
Feature #862 : Remove PUBLIC from the authorization driver protocol
2012-01-10 15:24:01 +01:00
Ruben S. Montero
e6628a1f75
Feature #862 : Re-factor PoolObjectAuth. Moved ObjectType to PoolObjectSQL. simplified interface for AuthManger::add_auth.
2012-01-03 02:58:23 +01:00
Carlos Martín
75d5e7a1fb
Add the Object type to the PoolObjectAuth class
2012-01-02 22:14:43 +01:00
Carlos Martín
fef8cdbf08
Rename Permissions class to PoolObjectAuth and move it to its own .h file
2012-01-02 21:17:20 +01:00
Carlos Martín
eaa257103e
Refactor PoolObjectSQL::Permissions to be a separate class. Use pointers for Permissions arguments
2012-01-02 19:21:54 +01:00
Carlos Martín
58b831c471
New class PoolObjectSQL::Permissions to move objects ownership and permission attributes to the Auth & ACL Managers
2011-12-29 22:05:11 +01:00
Carlos Martín
e2f51e7861
Change ACL operations to USE, MANAGE, ADMIN & CREATE
2011-12-29 08:09:53 -08:00
Ruben S. Montero
7a44026d66
bug #847 : Get rid of unneeded constructor in AuthRequest
2011-10-21 10:15:26 +02:00
Ruben S. Montero
3a2cbc229b
bug #847 : This commit includes several changes to the auth mechanism:
...
1.- Simplified auth methods for UserPool
2.- Added special SERVER_AUTH method for sudo'ing
3.- Added special PUBLIC_AUTH method for only-public interface users
4.- Added special driver name ("default") to authenticate unknown users
2011-10-21 01:17:46 +02:00
Carlos Martín
319e170ea5
Bug #847 : Add new ACL operation to change the user auth driver. TODO: update Sunstone acl tab
2011-10-20 17:46:33 +02:00
Ruben S. Montero
605d580c63
bug #847 : The authentication driver is now not encoded as part of the secret. The base auth driver has been updated to deal with this new protocol
2011-10-12 01:00:50 +02:00
Ruben S. Montero
fcb352d09d
bug #847 : Tokens are never sha1_digested. Core authentication mechanism stores the passwords digested, client sends plain passwords. Includes OCA (Ruby), CloudAuth and CLI updates. Ozones needs redesign its password storafe strategy.
2011-10-12 00:27:03 +02:00
Ruben S. Montero
cbf64ecf1b
bug #847 : Auth drivers are set in OpenNebula core. Login tokens do not include the driver, so the hash logic needs update, see #911
2011-10-11 19:15:13 +02:00
Ruben S. Montero
3501633b3d
Merge branch 'master' into feature-754
2011-08-30 17:09:57 +02:00
Carlos Martín
8706613748
Feature #718 : Add new DEPLOY authorization operation in core
2011-08-05 16:35:24 +02:00
Ruben S. Montero
65606e7faf
feture-754: OpenNebula core sends information about the ACL authZ result to the driver. Improved formating of auth strings. Check trivial authZ requests.
2011-07-27 11:27:16 +02:00
Ruben S. Montero
66485c6ed7
MULTIPLE GROUPS: Removed initial effort to support multiple user groups for the users. This should be easily recovered to complete this feature in the future
2011-07-07 19:01:04 +02:00
Ruben S. Montero
84a19e69ad
feature #687 : Minor changes in the ACL module
2011-07-03 14:13:43 +02:00
Carlos Martín
303db36d95
Feature #687 : ACL Manager looks for rules that apply to any of the user's groups
2011-06-29 12:50:16 +02:00
Carlos Martín
05ea353f24
Feature #687 : ACL rules now check the object's group
2011-06-28 12:56:37 +02:00
Carlos Martín
bfaabf357d
Feature #687 : Start work on ACL rules
2011-06-22 19:22:52 +02:00
Ruben S. Montero
8c8ead4f74
feature #407 : new CHOWN operation in AuthManager
2011-06-03 18:26:59 +02:00
Carlos Martín
e28ad2a69d
Feature #662 , #407 : Delete operator<< from PoolObjectSQL classes. Remove Cluster objects.
2011-06-03 15:33:48 +02:00
Ruben S. Montero
e61cd923c5
feature #662 : Deleted unneeded file and moved object to string method
2011-05-31 00:16:57 +02:00
Ruben S. Montero
25068e4d59
feature #662 : Allocate methods
2011-05-28 04:03:09 +02:00
Ruben S. Montero
fb3d3a88bb
feature #662 : Common method for publish requests
2011-05-27 00:21:14 +02:00
Ruben S. Montero
b050a5da9f
feature #622 : Public is now an attribute of PoolObjectSQL. Redesign of authorization function
2011-05-26 12:20:56 +02:00
Ruben S. Montero
01d932adea
feature #622 : Added auth for the pool infos. New Auth action is INFO_POOL
2011-05-24 17:52:17 +02:00
Ruben S. Montero
3efc2abdc1
Merge branch 'master' into feature-407
...
Conflicts:
install.sh
2011-05-21 02:28:23 +02:00
Ruben S. Montero
5bfec3ab96
feature #513 : Moved SSL utils to a common Helper Class
2011-05-12 17:20:52 +02:00
Carlos Martín
ae53d43789
Feature #407 : Base implementation for groups.
...
So far groups can be managed, but resources can't be associated to a group.
Tasks done:
* New basic onegroup command
* RequestManager XML-RPC methods
* New group pool
* New GROUP authorization symbol
* Basic GroupPool tests
* Ruby OCA methods
2011-05-10 18:45:15 +02:00
Carlos Martín
2649590d34
Feature #487 : Several bugfixes and new INSTANTIATE auth. operation
2011-04-05 16:05:46 +02:00
Carlos Martín
5b9fed52f7
Feature #487 : First version of TemplatePool added to the core: DB, Pool and RM methods.
2011-03-30 19:03:49 +02:00
Jaime Melis
4980255942
Update copyright year to 2011
2011-02-25 14:34:44 +01:00
Tino Vázquez
0659115f70
feature #203 : Finishing RM authorization task
2010-07-13 18:16:05 +02:00
Tino Vázquez
aea644f944
feature #203 : Auth for USERS
2010-07-09 20:12:19 +02:00
Ruben S. Montero
c752146975
feature #203 : Encode object_ids (templates) for CREATE operations
2010-07-09 09:14:35 +02:00
Ruben S. Montero
76e83df632
feature #203 : Simplified driver load procedure and getter
2010-07-08 18:50:32 +02:00
Ruben S. Montero
b14eefeeec
feature #203 : Plain authn/authz policies
2010-07-08 17:50:49 +02:00
Ruben S. Montero
7f646b8b66
feature 203: Requests now follow the new format
2010-07-08 16:36:33 +02:00
Ruben S. Montero
3388563a9d
feature #203 : Conforming new protocol spec
2010-07-08 15:45:00 +02:00
Ruben S. Montero
a707f730f2
feature #203 : Prevent race condition when a AuthRequests timeout. Now timeout timers are handled by the AuthManager.
2010-07-06 12:35:47 +02:00
Ruben S. Montero
42161d1ac5
feature #203 : Syncrhonization functions for the AuthRequest. Added basic tests for the Authentication Manager
2010-05-29 03:42:30 +02:00
Ruben S. Montero
baca5e4a44
feature #203 : Initial version for the Authorization Manager and Drivers
2010-05-28 00:27:29 +02:00