 Xavier Haurie | 63ce81187e9 | Add TODO documenting discussion between developers | | |
 dwalend | af7fa7479c3 | Removed dependency on reactive streams for SHRINE2020-1218 | | |
 David Walend | ba403ce16e7 | Pull request #1357: Fix for SHRINE2020-1281 - removed a dependency on SEnum and some very simple tests
Merge in SHRI... | | |
Xavier Haurie | 2731d9d2a2b | update sample config files to use AJP again | | |
Xavier Haurie | 33fe8342396 | update sample config files | | |
 Carl Woolf | a0a4d862813 | make generalAuthorization property in userInfo available in session (though for now, not in the smoke output) | | |
Carl Woolf | 00472205333 | wire userInfo into the login-session lifecycle | | |
dwalend | 2e1fb29a5e9 | Fix for SHRINE2020-1281 - removed a dependency on SEnum and some very simple tests | | |
Carl Woolf | dc81f71de7d | eliminate (we think an) unnecessary cookie config | | |
Carl Woolf | b55a8561081 | replace diagnostic cookies with stub use of session | | |
David Walend | 3228a27c162 | Pull request #1356: Feature/SHRINE2020 846
Merge in SHRINE/shrine from feature/SHRINE2020-846 to develop
* commit '... | | |
dwalend | e830a00a33f | Code review fix from Marc-Danie for SHRINE2020-846 | | |
dwalend | 3596b7f2d9f | Fixed a wildcard in an import for SHRINE2020-1280 | | |
Xavier Haurie | bd3f47e4b6c | pass cookie to apache server and from there to the browser (by setting max-age to -1) | | |
Xavier Haurie | 5a77e7c26d7 | pass cookie to apache server by setting max-age to -1 | | |
dwalend | 460a1d9b43e | Merge remote-tracking branch 'origin/develop' into feature/SHRINE2020-846 | | |
dwalend | e9e5387ba1f | Comments mostly about punting work into the future for SHRINE2020-846 | | |
dwalend | 33cb37b2125 | Some tidying up for SHIRNE2020-846 before taking on RunQueryResponse | | |
Carl Woolf | 7de3c9d27e9 | simplify smoke/cookies endpoint. remove defunct dump-map code | | |
Carl Woolf | 04eaf166586 | precise URI's for authz-free-pass | | |
Xavier Haurie | 479c52a8bef | Create a test cookie | | |
Carl Woolf | c39689aa0b6 | new, improved filter, for more robust authorization, logouts seem to work better | | |
 Marc-Danie Nazaire | fa6b9aa0a8c | Pull request #1355: Feature/SHRINE2020 1198 - Update docker container to use 1.7.13
Merge in SHRINE/shrine from feat... | | |
dwalend | b0f4c4e4acc | Cleaned out ReadQueryInstancesResponse for SHRINE2020-846 | | |
dwalend | e0ae31bba40 | Removed AbstractReadInstanceResultsResponse for SHRINE2020-846 | | |
Marc-Danie Nazaire | 44ef8a6a317 | SHRINE2020-1198 - Update docker container to use 1.7.13 - Fixed tomcat startup when network already exists | | |
David Walend | 2a91afbd7c0 | Pull request #1354: Feature/SHRINE2020 1273
Merge in SHRINE/shrine from feature/SHRINE2020-1273 to develop
* commit... | | |
Marc-Danie Nazaire | 62c457b676f | SHRINE2020-1198 - Update docker container to use 1.7.13 - Fixed mysql jdc deprecated error in log and restarting network | | |
Xavier Haurie | 777c9339d93 | flesh out stub for calling authz from middleware; move authorization logic from AuthzHttp4sResource to AuthorizationS... | | |
Marc-Danie Nazaire | f12cbc2c4f3 | SHRINE2020-1198 - Update docker container to use 1.7.13 - updated myql connector library and the
tomcat container ver... | | |
dwalend | 724fa2f6ba8 | Moved ReadInstanceResultsResponse into a CrcClient. Fix for SHRINE-2706 and more work toward SHRINE2020-846 | | |
Carl Woolf | 61fd9f76d6a | stub for calling authz from middleware | | |
Carl Woolf | 22f4901bbc2 | change name of middleware object | | |
Marc-Danie Nazaire | 1133df9b69b | SHRINE2020-1198 - Update docker container to use 1.7.13 | | |
dwalend | b3910053063 | Added a query id to CrcClient's hofs for SHRINE2020-846 | | |
dwalend | c3a3c271e50 | Replaced ReadResultClient with a call to a generified CrcClient for SHRINE2020-846 | | |
dwalend | 99a7d6b51ea | Decided Client was a fine postfix for named-requesters for SHRINE2020-846 | | |
Xavier Haurie | 49b6bd41925 | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2 | | |
Carl Woolf | 15dc5debab8 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | 536ed00d75b | add trivial map to output of ..../qep/login . Coming Soon: authz info? | | |
Xavier Haurie | 947b2065d8f | remove dead config | | |
Xavier Haurie | 266380e02b4 | see if HttpSession is persistent | | |
Xavier Haurie | 114ff9ea5f5 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xavier Haurie | c0d4a258761 | try using HttpSession again | | |
Carl Woolf | 69d619b40f2 | yeah, currently do not believe in guard, it seems not to help | | |
dwalend | 8c0de28e2c9 | My own review of SHRINE2020-1273 | | |
Carl Woolf | 74a8a309c82 | remove (doubled) filter declarations from web.xml -- they are declared via annotations | | |
dwalend | 404bb03740c | Little bits while testing AWS SQS without FIFO for SHRINE2020-1273 | | |
Carl Woolf | c7a8d85ffc6 | more guards for 'committed' servletResponse | | |
Carl Woolf | a65a8b82e4b | do not need to be authorized in order to logout! | | |
Carl Woolf | 353eb874c3c | more robust guard for 'committed' httpResponse | | |
Carl Woolf | 49c7240f90f | move url val to block where it is used | | |
Carl Woolf | 04199ec4d8a | break out 'guard condition' once more | | |
Carl Woolf | ad891d196cd | oops, need == but had != | | |
Carl Woolf | 46cdeb3d0f0 | clean up filter a bit | | |
Carl Woolf | 673298f9a91 | adjust logic so that it does require checkAndRedirect for the checkAndRedirect itself! | | |
dwalend | 380b0802651 | More switching FIFO off for SHRINE2020-1273 | | |
dwalend | 889acf8391b | More switching FIFO off for SHRINE2020-1273 | | |
Carl Woolf | 0119fd1ace3 | add biz logic to new filter, checks every request for authzn, redirecting to request url if successful | | |
dwalend | 8fe51e45e94 | Try timing without FIFO for SHRINE2020-1273 | | |
David Walend | 11c92665d49 | Pull request #1353: Work-around for AWS SQS's limit of 50 Principals in a policy Statement for SHRINE2020-1272
Merge... | | |
Carl Woolf | 01690fff5f0 | nascent authzn filter, biz logic to follow | | |
Carl Woolf | 09cc942254e | tweaks to code | | |
dwalend | 8cb20f1936a | Better comments from Marc-Danie's review of SHRINE2020-1272 | | |
dwalend | 639fddc557b | FIFO queues need a deduplication field. I'm trying messageDeduplicationId for SHRINE2020-1273 | | |
dwalend | 4503773b937 | Changes to get the hub audit tool prototype working again to support SHRINE2020-1273 | | |
dwalend | 9264e8de317 | Old cut-paste typo for SHRINE2020-1272 | | |
Xavier Haurie | 1615bbe7494 | upon hitting our logout endpoint, redirect to Shibboleth logout URL | | |
Xavier Haurie | 85779d7d072 | allow for multiple databases; move the configuration of the B/W list's database config so it is with the rest of the ... | | |
Xavier Haurie | 710fd06e986 | Externalize end-point attribute providers' regex names and values; allow any number of such regexes | | |
dwalend | 4ae1c541012 | Missed the new property in the shrine-setup shrine.conf for SHRINE2020-1272 | | |
Xavier Haurie | fa6c081371e | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2
� Conflicts:
... | | |
Carl Woolf | 8714b3bc5f0 | add some integrity to Headers provider: parameter user must be equal to the REMOTE_USER | | |
dwalend | 2a06732ac29 | Work-around for AWS SQS's limit of 50 Principals in a policy Statement for SHRINE2020-1272 | | |
Carl Woolf | 9f685d2bc32 | reorganize smoke-test urls. move white-black-list db code near its attr provider | | |
Xavier Haurie | 6019e4e39aa | remove unused variable | | |
Xavier Haurie | 8ff586c79c1 | externalize the logout URL | | |
Carl Woolf | b9af629184a | authz/logout should be no-op if conf says no authz | | |
Carl Woolf | 3170dfcfe39 | need to at least force logout when authzn fails | | |
dwalend | 08f701628a2 | Need to restart the QueuedQueriesPoller when the CRC gives us an incomplete result for SHRINE2020-846 and SHRINE2020-621 | | |
Carl Woolf | 91d9c212673 | add b-w-list logic to hms-authorization. enable authzn in config. put cw183, xh54 and fp75 on white-list | | |
dwalend | 4195ae53373 | Made CrcClient typesafe and propogated the Either result through breakdowns for SHRINE2020-846 | | |
Carl Woolf | a7eea282327 | rename Config to Util, and add a helper method for calling outside urls | | |
dwalend | 05edc2d312c | More dead code gone for SHRINE2020-846 | | |
dwalend | 0ba37d910dd | Changed CrcClient to return an Either[ErrorResponse,V] and threaded the changes all the way through for SHRINE2020-846 | | |
Carl Woolf | 1cbd6c725dc | quiet failure is profiles url (or other endpiont url) is down | | |
Carl Woolf | 78ee9dbeb74 | tweak the dump-output of user maps | | |
dwalend | ef091b78c23 | Reworked CRC client to construct the class's V instead of the parseShrineResponse's R for SHRINE2020-846 | | |
dwalend | 6cbfad78440 | Refactoring of the CRC client and almost got rid of BroadcastMessage for SHRINE2020-961 SHRINE-2384 and SHRINE2020-846 | | |
Carl Woolf | 24b74636e9b | add outer map of all users' info | | |
dwalend | 1509df287d4 | Cleanup before factoring out some common bits for SHRINE2020-846 | | |
dwalend | 5dd4dbf8568 | Some renaming before the bigger refactor for SHRINE2020-846 | | |
Carl Woolf | 4325b4a9f29 | adjust path to unauth page | | |
Carl Woolf | a113efe2e0c | remove unused attr provider. Provide 'unauthorized' page | | |
dwalend | fd6c4d1c338 | More little bits of cleanup for SHRINE2020-846 | | |
Xavier Haurie | 3efdb7b331d | remove stale configs to be served by the /config end point | | |
dwalend | b5d5fc039f5 | Deleted a lot of methods that were only used in tests after updating the tests to use active code paths for SHRINE202... | | |
dwalend | bc93193b139 | Checkpointing changes to look back one step for SHRINE2020-846 | | |
Carl Woolf | b87358d8885 | begin wiring authorizer | | |
Carl Woolf | 25f56cae334 | correct path for config for whether authzn is desired | | |
Carl Woolf | f4cfbe6b61c | config checks whether authzn is desired | | |
Carl Woolf | 1ba86770bc3 | polish / simplify AttrProvider pattern | | |
Xavier Haurie | 069aa0df0ea | modify attribute providers to use a single flat list of config blocks; | | |
Xavier Haurie | f8eeb6e9b8e | simplify shibboleth config for sessionHook | | |
Xavier Haurie | 99c263447ea | add missing sessionHook attribute | | |
Xavier Haurie | 623d445103f | rename one attribute provider and make the rest of them objects | | |
Xavier Haurie | ad71528362c | loop through attribute provider names as configured and add an initial empty entry in globalUserInfo for each | | |
Carl Woolf | dc10d5b4bc8 | omit unused val assignment | | |
Carl Woolf | d086172bb92 | progress on dynamically using attrProvider classes | | |
Carl Woolf | 7367110ea98 | explanatory comments about the Seq's , part 2 | | |
Carl Woolf | 46da310f9bb | explanatory comments about the Seq's | | |
Carl Woolf | 8493897900d | tweak / cleanup authInfo endpoints | | |
Carl Woolf | e645fc364e8 | Revert "Revert "remove local presence of shrineSP.conf""
This reverts commit b33cce59902321100e036507df25a2ba5b49c34e. | | |
Carl Woolf | b33cce59902 | Revert "remove local presence of shrineSP.conf"
This reverts commit cbaf5aa58d4897f75902d8be2a72e1ff0dbf28e7. | | |
Carl Woolf | 8dcd48bcb0e | progress wiring authz attributes | | |
Carl Woolf | cbaf5aa58d4 | remove local presence of shrineSP.conf | | |
Carl Woolf | 7e5233df09e | shrineSP.conf actually works better living here, not in sso-configs. Deploy works both ways, but war-copy needs it here | | |
Carl Woolf | 99f0a283a75 | tweaking endpoint regex, add smoke-test endpoint | | |
Carl Woolf | 86a978da972 | ho ho ho. progress toward endpoint config. refactored List to Seq, when possible, the latter is "the scala way" | | |
Carl Woolf | eff9954361f | remove resources folder. conf is now in sso-configs | | |
Carl Woolf | 664a791800e | remove local shrineSP.conf, should come from sso-configs | | |
Carl Woolf | 91b598578a4 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | ec07df85cb7 | try adding shrineSP to config ecosystem | | |
Xavier Haurie | b0954e52072 | fix a bug and add explanatory content to debug statements | | |
Xavier Haurie | 58267a67af2 | port the AbstractAuthorizer and HmsAuthorizer classes to scala. move EndpointProviders to the providerService.attribu... | | |
Xavier Haurie | 45c43ee96af | port the AbstractAttrProvider and RequestHeadersAttrProvider classes to scala. Need to be hooked up to the configurat... | | |
dwalend | da737f72e0f | Cleaning up some old test code for SHRINE2020-621, SHRINE-3613, SHRINE-3578, SHRINE-3310 | | |
Xavier Haurie | 5ed1ece31f0 | fix reading-in name of authorizer and names of header configuration providers; dump the result to the browser | | |
Xavier Haurie | 09bf0aab9ef | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2 | | |
Xavier Haurie | 665cc58e8a2 | setup code to be able to inspect 4 config settings | | |
Carl Woolf | c10cf005495 | initial work on endpointProviders. remove bad line from conf-addition | | |
Xavier Haurie | f6f5f8dbb6d | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xavier Haurie | 5f5f4b0a952 | fix AttributesConf. Other confs remain to be made to work. | | |
Carl Woolf | 4ccaded2e31 | make allConfig eager | | |
Carl Woolf | b32d0771332 | allconfig helper | | |
Carl Woolf | daf6f52267f | logout redirect works | | |
Carl Woolf | 50baffbd8f2 | onShibLogin redirect works | | |
Xavier Haurie | 82edfcb1d46 | maintain a single map of all the logged in users. Add end-points for "logging in" and "out" of the map. | | |
David Walend | 1ae8e863f63 | Pull request #1352: Feature/SHRINE2020 1261
Merge in SHRINE/shrine from feature/SHRINE2020-1261 to develop
* commit... | | |
dwalend | 63caaeb5bcb | Removed a stray println for SHRINE2020-1261 | | |
Carl Woolf | 7c03d2942f0 | remove 'print statement' info() calls. remove one bit of laziness. update readme | | |
Carl Woolf | f5001250a5b | OMG, config'd endpoint isBlacklist works | | |
Carl Woolf | a0f211877da | bit more progress towards db read-access for blacklist... WIP, no cigar yet | | |
Carl Woolf | 64b8a91c174 | progress towards db read-access for blacklist... WIP, no cigar yet | | |
dwalend | eca253f9cf7 | Added a command to switch MOM systems for SHRINE2020-1261 | | |
Carl Woolf | 65cb1ffd14a | demo treating path-parameter, improved query parameter treatment | | |
Carl Woolf | 026f9b2cf92 | on the way to colorList db. reorganize service / endpoints. add headers and query-params to cookies output | | |
Carl Woolf | 6254db92bde | steps toward black-white table | | |
dwalend | d87f9ef5de3 | Updated README.md for SHRINE2020-987 | | |
Carl Woolf | def52223577 | add comment | | |
Carl Woolf | 7f3979b3a1a | more robust profiles logic. despite its discouraging name, unsafeRunSync() seems to be the go-to way to get a synchro... | | |
dwalend | ba64285f972 | Updates for perftest SHRINE2020-988 | | |
Carl Woolf | bc779eb2966 | tweak some names | | |
Carl Woolf | 9f0c13a6ede | progress with profiles | | |
Carl Woolf | 22ce75cf34e | progress (but no cigar) with profiles | | |
Carl Woolf | ae289b240a5 | incorporate populate() into infoUser object | | |
Carl Woolf | 0c2dd99f8d7 | don't quote the Option[String] | | |
Carl Woolf | 047d5542b24 | embryonic behaviors around userInfo map | | |
dwalend | 8ebc56c4ab0 | Updated the jmeter test for the newer networks for SHRINE2020-988 | | |
Carl Woolf | 5f14c481ac1 | extract remote-user from header | | |
Carl Woolf | d4234356f6f | first step towards authorizer in the http4s eco-system on shrine | | |
dwalend | 3b5ce8f426b | Parking SHRINE2020-1261 to work on performance tests | | |
David Walend | 8c1ec44aa3a | Pull request #1351: Removed the forced dependency on apache commons-text now that opencsv is updated for SHRINE2020-1... | | |
David Walend | cf032c2c7f5 | Pull request #1350: Feature/SHRINE2020 1259
Merge in SHRINE/shrine from feature/SHRINE2020-1259 to develop
* commit... | | |
dwalend | c224516a6d2 | Removed the forced dependency on apache commons-text now that opencsv is updated for SHRINE2020-1255 | | |
David Walend | 2a97024806b | Pull request #1349: Turns out SHRINE2020-1258 shouldn't be done after all.
Merge in SHRINE/shrine from feature/SHRIN... | | |
dwalend | 77ae60fd162 | Changed over the hub database code to all use cats IO - never blocks - for SHRINE2020-1259 | | |
dwalend | 8cb982f62fc | Replaced all uses of runTransactionBlocking in the hub db with IO for SHRINE2020-1259 | | |
dwalend | 0ba156bd4d9 | Turns out SHRINE2020-1258 shouldn't be done after all. Added a comment. | | |
David Walend | 070d4800041 | Pull request #1348: Bugfix/SHRINE2020 1252
Merge in SHRINE/shrine from bugfix/SHRINE2020-1252 to develop
* commit '... | | |
dwalend | 5b1054a9370 | Merge remote-tracking branch 'origin/develop' into bugfix/SHRINE2020-1252 | | |
David Walend | bd9a344ad2d | Pull request #1347: Feature/SHRINE2020 1246
Merge in SHRINE/shrine from feature/SHRINE2020-1246 to develop
* commit... | | |
David Walend | b441dfee3da | Pull request #1345: Feature/SHRINE2020 1132
Merge in SHRINE/shrine from feature/SHRINE2020-1132 to develop
* commit... | | |
dwalend | c5b6b4f522b | Each receiver should have its own group for SHRINE2020-1132 | | |
dwalend | 316e60ba3d3 | Merge branch 'feature/SHRINE2020-1132' into bugfix/SHRINE2020-1252 | | |
dwalend | d66760e4721 | Only let tomcat create queues when using the legacy MOM system for SHRINE2020-1252 | | |
dwalend | ba1a1cd13ac | Missed deleting a chunk I commented out for SHRINE2020-1246 | | |
dwalend | 6b1c149d014 | Cut out some dead code and get the sql code right for SHRINE2020-1246 | | |
dwalend | 1d088390d1c | Added a STATUS column to the hub's QUERIES table for SHRINE2020-1246 | | |
Carl Woolf | 885d1b2aa48 | "shrineAuthorize" in proxyPass | | |
David Walend | fdace1357bb | Pull request #1346: Bumped the Scala version to 2.13.10 for SHRINE2020-1251
Merge in SHRINE/shrine from feature/SHRI... | | |
dwalend | 6cc97c63cb4 | Bumped the Scala version to 2.13.10 for SHRINE2020-1251 | | |
dwalend | 1897da200a8 | Cleanup before review for SHRINE2020-1132 | | |
dwalend | de61f26d862 | Made group id a property of the Network for SHRINE2020-1132 | | |
dwalend | 2111f2ead81 | Clearing todos for SHRINE2020-1132 | | |
dwalend | 7697acfc3db | Removed the properties level from the config for SHRINE2020-1132 | | |
dwalend | 7e6be1d66be | Added the remove permission function for SHRINE2020-1132 and SHRINE2020-1171 | | |
dwalend | 601b1a47542 | Got group access control lists working in the tool for SHRINE2020-1132 and SHRINE2020-1170 | | |
| Next → |
