Commit Graph

158 Commits

Author SHA1 Message Date
Jan Eberhardt fcf8a305ea MDL-31578 auth_shibboleth: Custom fields added to shibboleth settings
Since LDAP is able to sync custom user profile fields, this feature was
requested for Shibboleth.
2015-02-19 13:56:26 +00:00
Simey Lameze b82b4c562b MDL-47964 auth_shibboleth: Fix DOS on the shibboleth logout 2015-01-06 11:05:30 +00:00
Didier Raboud 0cf19119b5 MDL-34437 shibboleth: Correct the shibboleth wiki links. 2014-12-01 14:57:51 +05:30
Mark Nelson 38d8b7b703 MDL-46016 auth_shibboleth: updated misleading comment
Also generated a random string for the password field in case it is ever used.
2014-07-03 16:15:57 -07:00
Eloy Lafuente (stronk7) 538bf99ece MDL-45486 Bump all versions to planned release
This bumps all versions to planned 2.7 release
(2014051200) version and all the dependencies to
current 2.7rc2 (2014050800)
2014-05-09 02:12:28 +02:00
Matt Petro 5f1b2e8821 MDL-45118 shibboleth: set context on index page 2014-04-15 23:11:32 -04:00
Eloy Lafuente (stronk7) f39c82ebed MDL-42701 Bump all versions near 2.6 release 2013-11-05 02:36:00 +01:00
Mark Nelson 5991cabfd7 MDL-40045 auth: removed unnecessary add_to_log calls
Both LDAP and Shibboleth call complete_user_login which triggers
a user_loggedin event that handles the legacy call to add_to_log.
2013-10-21 11:53:30 +08:00
Petr Škoda d79d5ac276 MDL-31501 rework user session architecture
List of changes:
 * New OOP API using PHP namespace \core\session\.
 * All handlers now update the sessions table consistently.
 * Experimental DB session support in Oracle.
 * Full support for session file handler (filesystem locking required).
 * New option for alternative session directory.
 * Official memcached session handler support.
 * Workaround for memcached version with non-functional gc.
 * Improved security - forced session id regeneration.
 * Improved compatibility with recent PHP releases.
 * Fixed borked CSS during install in debug mode.
 * Switched to file based sessions in new installs.
 * DB session setting disappears if DB does not support sessions.
 * DB session setting disappears if session handler specified in config.php.
 * Fast purging of sessions used in request only.
 * No legacy distinction -  file, database and memcached support the same functionality.
 * Session handler name included in performance info.
 * Fixed user_loggedin and user_loggedout event triggering.
 * Other minor bugfixing and improvements.
 * Fixed database session segfault if MUC disposed before $DB.

Limitations:
 * Session access time is now updated right after session start.
 * Support for $CFG->sessionlockloggedinonly was removed.
 * First request does not update userid in sessions table.
 * The timeouts may break badly if server hosting forces PHP.ini session settings.
 * The session GC is a lot slower, we do not rely on external session timeouts.
 * There cannot be any hooks triggered at the session write time.
 * File and memcached handlers do not support session lock acquire timeouts.
 * Some low level PHP session functions can not be used directly in Moodle code.
2013-09-21 13:11:56 +02:00
Eloy Lafuente (stronk7) cedb0aab5a MDL-39434 Bump all versions near 2.5 release 2013-05-01 18:03:29 +02:00
Petr Škoda 60d7078adf MDL-39387 normalise MOODLE_INTERNAL 2013-04-27 15:09:05 +02:00
Petr Škoda a2f10958ff MDL-39387 fix /auth phpdocs 2013-04-27 15:06:40 +02:00
Dan Poltawski f94ed34126 MDL-35130 - remove unused string 2013-01-08 10:52:18 +08:00
Charles Fulton 63f329cad5 MDL-35130 shibboleth: remove hard-coded string 2012-12-20 10:28:23 -08:00
Charles Fulton ab0ccc6731 MDL-37020 auth_shibboleth: check if target variable is actually set 2012-12-05 11:18:37 -08:00
Eloy Lafuente (stronk7) 663dbbc2e6 MDL-36933 Bump everything to 2012112900
(versions, requires and dependencies)
2012-11-30 03:30:09 +01:00
Sam Hemelryk 2ede3d7f35 Merge branch 'MDL-31629-master' of git://github.com/micaherne/moodle 2012-11-06 10:08:43 +13:00
David Tang 54d6517db3 MDL-31629 auth_shibboleth Use correct language string location 2012-10-17 12:56:14 +01:00
Michael Aherne af402e5677 MDL-36101 auth_shibboleth Show appropriate error message for suspended accounts 2012-10-17 12:37:43 +01:00
Charles Fulton 39323c753d MDL-35153 shibboleth: check for WAYFless URLs 2012-09-13 19:13:58 -07:00
Ankit Agarwal bf0f06b1be MDL-34471 libraries: Replace all uses of get_context_instance() with respective context_XXXX::instance() method 2012-08-02 15:37:38 +08:00
Rossiani Wijaya eac75f211d MDL-34553 accessibility compliance for authentication: Add forform input text and select tag 2012-07-31 16:49:25 +08:00
Charles Fulton 258a893c3d MDL-27563 shibboleth: set context on login page 2012-07-08 20:46:34 -07:00
Aparup Banerjee 8128e0c88b MDL-23254 Authentication : used httpswwwroot as root url during authentication procedure where $PAGE->https_required() is specified. 2012-06-28 15:32:33 +08:00
Eloy Lafuente (stronk7) c5e783e512 MDL-33794 version.php: Bump all versions, requires and dependencies to 2012061700 2012-06-18 02:37:00 +02:00
Michael Aherne 7dfe4b92d0 MDL-33331 Strict warning in Shibboleth auth 2012-05-24 13:04:21 +01:00
Sam Hemelryk 3211569a6a Revert "MDL-30843 and MDL-30842 - accessibility compliance: Add <label> for form input text and select tag"
This reverts commit f9f281b8fe.
2012-04-11 17:18:58 +12:00
Sam Hemelryk 5bfeb5ffd3 Merge branch 'MDL-30843_b' of git://github.com/rwijaya/moodle 2012-04-10 12:34:37 +12:00
Rossiani Wijaya f9f281b8fe MDL-30843 and MDL-30842 - accessibility compliance: Add <label> for form input text and select tag 2012-03-30 16:26:58 +08:00
Petr Skoda caee6e6c26 MDL-32251 E_STRICT fixes part 3 2012-03-29 15:24:30 +02:00
Petr Skoda 88c48bbfda MDL-32052 use $this->authtype in auth config, this may help with sib classing of plugins 2012-03-17 10:58:43 +01:00
Sam Hemelryk cf6d069afd Merge branch 'MDL-31017' of git://github.com/stronk7/moodle 2012-01-05 11:17:31 +13:00
Eloy Lafuente (stronk7) fb95ef9ecd MDL-31017 whitespace clean - take1 2012-01-04 16:27:32 +01:00
Petr Skoda 5ea41be1b3 MDL-30610 remove outdated auth upgrade code 2011-12-23 10:38:10 +01:00
Petr Skoda be974aa7f9 MDL-30007 add/fix version files for all auth plugins 2011-11-29 20:41:21 +01:00
Petr Skoda e922fe23b6 MDL-29602 accesslib improvements
Refactoring and improvements of the accesslib.php library including prevention of access for not-logged-in users when forcelogin enabled, improved context caching, OOP refactoring of contexts, fixed context loading, deduplication of role definitions in user sessions, installation improvements, decoupling of enrolment checking from capability loading, added detection of deleted and non-existent users in has_capability(), new function accesslib test, auth and enrol upgrade notes.

More details are available in tracker subtasks.
2011-10-16 14:05:18 +02:00
Aparup Banerjee af4f1cc722 MDL-26257 Authentication : whitespace/style fixes 2011-09-13 19:10:54 +08:00
Henning Bostelmann f4831673b6 MDL-26257 Shibboleth auth: run logout handler only if logged in via Shibboleth 2011-09-08 12:13:07 +01:00
Petr Skoda 0342fc3609 MDL-28158 add optional "Remember username" checkbox in login forms 2011-07-10 13:22:55 +02:00
Petr Skoda 431ac39634 MDL-26623 fix file permissions
The permissions are now going to be verified as part of the weekly release process.
2011-03-01 12:26:49 +01:00
Petr Skoda cd138b26f1 MDL-26376 fix incorrect Shibboleth string and undefined property during first config saving 2011-02-12 17:00:36 +01:00
Sam Hemelryk 80c1289773 MDL-25637 Fixed whitespace 2011-01-24 16:20:30 +08:00
Aparup Banerjee b692e4aa29 Performance MDL-25637 moved static count/sizeof functions out of for loop conditions 2011-01-24 14:51:21 +08:00
Helen Foster f085c3eccb MDL-21250 capital letters removal 2010-12-08 19:47:46 +00:00
Petr Skoda 8a8f1c7cd6 MDL-10137 rewritten cookie test on login page, username cookie is not required any more - hopefully this will be more reliable test 2010-10-10 17:30:28 +00:00
Petr Skoda 17c70aa007 MDL-16723 automatic redirects to https when loginhttps enabled - this solves accidental usage of http version + it also solves recent navigation regressions + fixed regression from PAGE conversions + deprecated old httpsrequired() and $HTTPSPAGEREQUIRED 2010-10-10 15:04:19 +00:00
Petr Skoda cc2202299f MDL-24253 we need to udpate shibboleth to use new session api 2010-09-17 10:43:15 +00:00
Petr Skoda fb81718414 replaced forbidden font tags 2010-09-17 10:39:29 +00:00
Petr Skoda 629e12fd81 MDL-23927 do not use = 'guest' because we have CFG->siteguest AND it matches any other username with accents and different case in MySQL 2010-08-25 08:43:42 +00:00
Jonathan Harker 355593f123 MDL-19418 Fix up a couple of stray deprecated ereg and eregi_replace calls. 2010-07-20 06:13:18 +00:00