 Carl Woolf | b7c240f4b79 | remove confusing / provocative comment | | |
Carl Woolf | d3bc8ab1a34 | tweak val-names, and more-concise expressions | | |
Carl Woolf | 76dadf9cbdb | for PR comment | | |
 Marc-Danie Nazaire | acc5fc6aad7 | removed kafka trust store | | |
Carl Woolf | 6845c8686f9 | regex authorizer can parse negative regex | | |
Marc-Danie Nazaire | b3485860477 | modifier sasl jaas config to use plainloginmodule | | |
Carl Woolf | 2fa17fbbbd9 | adjust pretty-print of user-info. provide regex authorizer | | |
Carl Woolf | 564a0b80623 | clean up comment | | |
 Xav | 5f0beabd51a | Merge branch 'develop' into sso-phase2 | | |
 dwalend | fa323698a92 | Unwind blocker for SHRINE2020-1305 | | |
dwalend | d86b87910ba | Added a little logging, and try moving the kafka send to the http client thread pool for SHRINE2020-1305 | | |
dwalend | ca9618a9bed | Merge remote-tracking branch 'origin/develop' into bugfix/SHRINE2020-1306 | | |
Xav | f47d55cffae | cleaning up my mess | | |
Xav | 714cf7eda63 | Revert "fix class name; remove unused POM dependency"
This reverts commit 5dda9d218ef986250954d3b355d49bdedd931ec8. | | |
Xav | d12da8f12e5 | Revert "code for a new attribute provider based on using Xpath to extract attributes from XML returned by end-points"... | | |
Xav | 5dda9d218ef | fix class name; remove unused POM dependency | | |
Xav | b599ea26fe1 | code for a new attribute provider based on using Xpath to extract attributes from XML returned by end-points | | |
dwalend | 18f41f10d04 | Try receiving messages using the db thread pool for SHRINE2020-1306 | | |
Carl Woolf | c2fdd066a10 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | a7956bf8e18 | dump of user info may be good for regex authz | | |
Xav | d568ad5941c | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xav | d0951716762 | remove console.log() statements by Carl and Xav | | |
dwalend | a74c25d99ef | Try some withTransactionIsolation(TransactionIsolation.RepeatableRead) for SHRINE2020-1306 | | |
 David Walend | ef4a8a17920 | Pull request #1359: Bugfix/SHRINE2020 1282
Merge in SHRINE/shrine from bugfix/SHRINE2020-1282 to develop
* commit '... | | |
dwalend | db240d29655 | Added some .withTransactionIsolation(TransactionIsolation.Serializable) for SHRINE2020-1306 | | |
Carl Woolf | 0de6f75986b | profiles to use faculty-type | | |
Carl Woolf | 2f031806952 | adjust semantics of bw authorizer per demo meeting | | |
dwalend | 5a55a82f230 | Trying a bounded thread pool and some fairness for SHRINE2020-1306. I think it'll actually also need a queue, but bab... | | |
Xav | 1eb7fddce23 | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2 | | |
Xav | 10b23d513d6 | Create a new authorizer class which looks only at the black- and white-list attributes | | |
dwalend | cd7685cacd8 | An experiment - can I force ACID by bringing allTableVersions' query row into the transaction at the beginning - for ... | | |
Carl Woolf | 5bcc55213d9 | remove speculative additions to middleware user-object | | |
Marc-Danie Nazaire | b36c466d7c8 | Fixed tutorial not being displayed after manually logging out and logging back in | | |
Marc-Danie Nazaire | 176cebd860d | Fixed tutorial not being displayed after automatic session timeout logout | | |
Carl Woolf | 077a3d11991 | cleanup IdleTimer -- no clearLogin, as also in Header | | |
Xav | 1d6cbcd9443 | remove tutorial dialog when clicking the log off button from the timeout dialog | | |
dwalend | ee59cb4d0f3 | Review cleanup for SHRINE2020-1282 | | |
Xav | 9faff23bcf4 | remove tutorial dialog when clicking the log off button from the timeout dialog | | |
Xav | f5167f6b091 | reinstate lines commented out in error | | |
dwalend | ff0ec444afb | Try using the java api for SHRINE2020-1282 | | |
dwalend | cd577fb0b30 | One more try at using a resource outside of context for SHRINE2020-1282 | | |
Xav | 9c20c6ed742 | added instrumentation around IdleTimer and Tutorial | | |
Carl Woolf | acd16dd0511 | oops, sometimes it's ok to be in a negative mood | | |
Carl Woolf | 8801fe41b97 | proposed solution for network.config as well as clearLogin | | |
Carl Woolf | 0bf6704f872 | improve url persistence logic | | |
Marc-Danie Nazaire | 1e8620e8e80 | SHRINE2020-1282 - CRC invocations are not using the right thread pool- Modified to use a specified blocker in produce... | | |
Carl Woolf | de064e62842 | instrumentation for exploring timeout behavior | | |
Marc-Danie Nazaire | 6d141b6777f | SHRINE2020-1282 - CRC invocations are not using the right thread pool- Modified to create a KafkaProducer resource | | |
Xav | baf669a56b5 | back to buggy teimout/logout behavior with dispatch(clearLogin()) | | |
Xav | 8c65f7d4eb3 | code clean up | | |
Carl Woolf | 45b627a0f54 | have some embedded util code to show headers/cookies | | |
Carl Woolf | d167d8ae882 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | 81cada34736 | see if idleTimer less flaky without gratuitous dispatch to clearLogin() | | |
Xav | 7a2a8dfd47f | sync-up no-sp.conf file with what is in the shrine-sso-config repo right now | | |
Carl Woolf | ded7458b1ca | use filter only if 'sso' mode. tweak configs | | |
Carl Woolf | 542e002ee02 | refrain from loading authz-related 'services' if non-sso | | |
Xav | 440925591a8 | stop looking for "unauthorizedUrl" config property under all PM/SSO/Authz permutations, because it may legitimately n... | | |
Xav | 48bb922b115 | add missing unauthorized message to sample config file | | |
Carl Woolf | cf870af2269 | cleanup some cruft, hone comments and readme | | |
Carl Woolf | 1e1ace4973c | tweak sample config and some logic | | |
Carl Woolf | b98fa552a46 | arrange methods in order of usage | | |
Carl Woolf | 57db8de3b45 | tweak comment, adjust location of vals | | |
Carl Woolf | 8e70e5a0430 | cleanup imports, and one comment | | |
Carl Woolf | 276d3a69e30 | eliminate yet another magic string | | |
Carl Woolf | 3eebb1b2b71 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | 962a4f8c202 | eliminate another magic string | | |
Xav | 104a0b98791 | simplify logic / remove redundancy in AuthorizationService | | |
Carl Woolf | 68fb3a5bb3e | eliminate magic string | | |
Carl Woolf | 4e51dcb9012 | prune the pom | | |
Xav | 223e0b3cb5d | simplify logic / remove redundancy in AuthorizationService | | |
Xav | b4de317dcaa | add no-sp.conf-sample file, edit sp.conf-sample to reflect new way of handling isSsoMode cookie | | |
Xav | 199b14c90ba | new sample shrineSP.conf file with content to choose from for 3 modes of authentication and authorization (PM, SSO, S... | | |
Xav | e2449d9c425 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xav | 6616d187276 | style the unauthorized page text by copying the computed CSS of the paragraph "Define Inclusion and Exclusion Criteri... | | |
dwalend | fa4b513ecac | Try a pipe for SHRINE2020-1282 | | |
Carl Woolf | c860695160e | extra console log for idle-timer logout | | |
dwalend | a5b1fb72177 | Try a lazy approach so that the deploy script can run for SHRINE2020-1282 | | |
dwalend | 65ef3105f61 | Now without locking up the network setup tool forever SHRINE2020-1282 | | |
Carl Woolf | bd528694b5b | extra console log for idle-timer logout | | |
dwalend | d42b6e8ce6b | Some logging to see what's going on for SHRINE2020-1282 | | |
Carl Woolf | 02c71de2572 | hardier handling of 'free-pass' urls in filter | | |
dwalend | 7448c4de68d | Maybe reusing the producer in fs2-kafka for SHRINE2020-1282 | | |
dwalend | d241f9fba76 | Try a drain for SHRINE2020-1282 | | |
Carl Woolf | dbeb562528a | React-based wiring for unauth page to use config'd message | | |
dwalend | 9bd7fc5ce4a | Rolling back the bounded thread pool for SHRINE2020-1282 | | |
dwalend | 579effc62e3 | Possible fix for SHRINE2020-1282 - found and maybe fixed a thread leak | | |
Carl Woolf | 5311655dde3 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | d22327cbe91 | basis for styling unauth page | | |
Xav | 2f0288770c6 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xav | 28b84a2f4a8 | make unauthorized message configurable and pass it to the front-end as part of the webClientConfig JSON content | | |
Marc-Danie Nazaire | ff0983f0661 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Marc-Danie Nazaire | c2fd34961a3 | Moved UnAuthorized from pages to componentd | | |
Carl Woolf | 3379feef6d6 | remove toy properties from map | | |
Carl Woolf | cd2404288f7 | Merge remote-tracking branch 'origin/develop' into sso-phase2
# Conflicts:
# commons/util/src/main/scala/net/shrine/... | | |
Marc-Danie Nazaire | e2111f3bb14 | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2
� Conflicts:
... | | |
Marc-Danie Nazaire | 4ec1791dcab | Changes for loading unauthorized page | | |
dwalend | 2d3fdfaab9d | Bounded thread pools and more logging for SHRINE2020-1282 | | |
Carl Woolf | 326f5142a50 | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2
# Conflicts:
# shrine-setup/src/main/resources/sso/... | | |
Carl Woolf | 32b3b3fa909 | update isSsoCookie creation | | |
dwalend | ace0bed1db1 | Checkpointing SHRINE2020-1218, maybe a third of the way to compiling the big change | | |
Xav | 98dac63e841 | fix how the unauthorized URL gets handled | | |
Marc-Danie Nazaire | b10f0c9c6a6 | Added new UnAuthorized page to pages/index.js | | |
Marc-Danie Nazaire | 36dd3a5bf5d | Added new UnAuthorized page to pages/index.js | | |
Xav | 172785a3d6e | trying to make unauthorized page work | | |
Xav | b9b951968e2 | fix error in comment regarding use of HTTP vs AJP | | |
Xav | 7633d2c40b6 | pare down sample config files to only what is needed / remove redundancy | | |
Xav | 65392a6b2a5 | add one though the previous documentation | | |
Xav | 33f41c521d0 | Add TODO documenting discussion between developers | | |
dwalend | ca5aa95617d | Removed dependency on reactive streams for SHRINE2020-1218 | | |
David Walend | 57722cc495a | Pull request #1357: Fix for SHRINE2020-1281 - removed a dependency on SEnum and some very simple tests
Merge in SHRI... | | |
Xav | 19218ccb7f0 | update sample config files to use AJP again | | |
Xav | 9218d3f3e56 | update sample config files | | |
Carl Woolf | e4c08025411 | make generalAuthorization property in userInfo available in session (though for now, not in the smoke output) | | |
Carl Woolf | 6f45f4ace27 | wire userInfo into the login-session lifecycle | | |
dwalend | b6ede2bbd2d | Fix for SHRINE2020-1281 - removed a dependency on SEnum and some very simple tests | | |
Carl Woolf | 9f9652f3dca | eliminate (we think an) unnecessary cookie config | | |
Carl Woolf | ab51c6abbd9 | replace diagnostic cookies with stub use of session | | |
David Walend | 8602501a676 | Pull request #1356: Feature/SHRINE2020 846
Merge in SHRINE/shrine from feature/SHRINE2020-846 to develop
* commit '... | | |
dwalend | a8cda1e210f | Code review fix from Marc-Danie for SHRINE2020-846 | | |
dwalend | 111943dd771 | Fixed a wildcard in an import for SHRINE2020-1280 | | |
Xav | 2f3c2159be3 | pass cookie to apache server and from there to the browser (by setting max-age to -1) | | |
Xav | d7affff2704 | pass cookie to apache server by setting max-age to -1 | | |
dwalend | 3fa6562f1af | Merge remote-tracking branch 'origin/develop' into feature/SHRINE2020-846 | | |
dwalend | 1955b467150 | Comments mostly about punting work into the future for SHRINE2020-846 | | |
dwalend | 712915dfd15 | Some tidying up for SHIRNE2020-846 before taking on RunQueryResponse | | |
Carl Woolf | d74f9883fcb | simplify smoke/cookies endpoint. remove defunct dump-map code | | |
Carl Woolf | cfc1d199310 | precise URI's for authz-free-pass | | |
Xav | 9b055235a37 | Create a test cookie | | |
Carl Woolf | 240e265f99a | new, improved filter, for more robust authorization, logouts seem to work better | | |
Marc-Danie Nazaire | 2787f94c598 | Pull request #1355: Feature/SHRINE2020 1198 - Update docker container to use 1.7.13
Merge in SHRINE/shrine from feat... | | |
dwalend | 00bce0f3575 | Cleaned out ReadQueryInstancesResponse for SHRINE2020-846 | | |
dwalend | bb9cd6f09bc | Removed AbstractReadInstanceResultsResponse for SHRINE2020-846 | | |
Marc-Danie Nazaire | 0a34a89360f | SHRINE2020-1198 - Update docker container to use 1.7.13 - Fixed tomcat startup when network already exists | | |
David Walend | 0b16205852b | Pull request #1354: Feature/SHRINE2020 1273
Merge in SHRINE/shrine from feature/SHRINE2020-1273 to develop
* commit... | | |
Marc-Danie Nazaire | c4488e83833 | SHRINE2020-1198 - Update docker container to use 1.7.13 - Fixed mysql jdc deprecated error in log and restarting network | | |
Xav | e17903304f3 | flesh out stub for calling authz from middleware; move authorization logic from AuthzHttp4sResource to AuthorizationS... | | |
Marc-Danie Nazaire | b224b39bf04 | SHRINE2020-1198 - Update docker container to use 1.7.13 - updated myql connector library and the
tomcat container ver... | | |
dwalend | 8e5a37cb2f7 | Moved ReadInstanceResultsResponse into a CrcClient. Fix for SHRINE-2706 and more work toward SHRINE2020-846 | | |
Carl Woolf | 77ff0082f2e | stub for calling authz from middleware | | |
Carl Woolf | c2abd518be0 | change name of middleware object | | |
Marc-Danie Nazaire | 3811bd08274 | SHRINE2020-1198 - Update docker container to use 1.7.13 | | |
dwalend | d0a4e5e82e1 | Added a query id to CrcClient's hofs for SHRINE2020-846 | | |
dwalend | 74490e65f26 | Replaced ReadResultClient with a call to a generified CrcClient for SHRINE2020-846 | | |
dwalend | fc296911502 | Decided Client was a fine postfix for named-requesters for SHRINE2020-846 | | |
Xav | 605731c63c4 | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2 | | |
Carl Woolf | de5c971035e | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Carl Woolf | 44a403bd16f | add trivial map to output of ..../qep/login . Coming Soon: authz info? | | |
Xav | d3177dde3f7 | remove dead config | | |
Xav | 005478809ab | see if HttpSession is persistent | | |
Xav | 972f379b5da | Merge remote-tracking branch 'origin/sso-phase2' into sso-phase2 | | |
Xav | fd2557327cd | try using HttpSession again | | |
Carl Woolf | 0c69e626c6d | yeah, currently do not believe in guard, it seems not to help | | |
dwalend | 04be610a5de | My own review of SHRINE2020-1273 | | |
Carl Woolf | a09292cbfc2 | remove (doubled) filter declarations from web.xml -- they are declared via annotations | | |
dwalend | 0ee3d591c91 | Little bits while testing AWS SQS without FIFO for SHRINE2020-1273 | | |
Carl Woolf | 6e6331df13a | more guards for 'committed' servletResponse | | |
Carl Woolf | 219d80a4fa0 | do not need to be authorized in order to logout! | | |
Carl Woolf | 6d831a7bee1 | more robust guard for 'committed' httpResponse | | |
Carl Woolf | e5ca0d907ec | move url val to block where it is used | | |
Carl Woolf | 5d0a9ed5682 | break out 'guard condition' once more | | |
Carl Woolf | 2dacfb9892f | oops, need == but had != | | |
Carl Woolf | ae1c26b9dbe | clean up filter a bit | | |
Carl Woolf | 61039798b35 | adjust logic so that it does require checkAndRedirect for the checkAndRedirect itself! | | |
dwalend | 172763aab47 | More switching FIFO off for SHRINE2020-1273 | | |
dwalend | 6cbd3067c74 | More switching FIFO off for SHRINE2020-1273 | | |
Carl Woolf | 9ecc48f304a | add biz logic to new filter, checks every request for authzn, redirecting to request url if successful | | |
dwalend | cdef74835f9 | Try timing without FIFO for SHRINE2020-1273 | | |
David Walend | ead72df1465 | Pull request #1353: Work-around for AWS SQS's limit of 50 Principals in a policy Statement for SHRINE2020-1272
Merge... | | |
Carl Woolf | c2db8b2777c | nascent authzn filter, biz logic to follow | | |
Carl Woolf | 60d80547ae0 | tweaks to code | | |
dwalend | 7b69dd8e9b0 | Better comments from Marc-Danie's review of SHRINE2020-1272 | | |
dwalend | 17ed3edf4dc | FIFO queues need a deduplication field. I'm trying messageDeduplicationId for SHRINE2020-1273 | | |
dwalend | ba5ef4d8077 | Changes to get the hub audit tool prototype working again to support SHRINE2020-1273 | | |
dwalend | 8004207acf4 | Old cut-paste typo for SHRINE2020-1272 | | |
Xav | da9871bd235 | upon hitting our logout endpoint, redirect to Shibboleth logout URL | | |
Xav | a206107f8a3 | allow for multiple databases; move the configuration of the B/W list's database config so it is with the rest of the ... | | |
Xav | 37098685967 | Externalize end-point attribute providers' regex names and values; allow any number of such regexes | | |
dwalend | c78fa8fb900 | Missed the new property in the shrine-setup shrine.conf for SHRINE2020-1272 | | |
Xav | 5d052b1abb4 | Merge branch 'sso-phase2' of https://open.catalyst.harvard.edu/stash/scm/shrine/shrine into sso-phase2
� Conflicts:
... | | |
Carl Woolf | 5d9b90ab181 | add some integrity to Headers provider: parameter user must be equal to the REMOTE_USER | | |
dwalend | ad26fd140c8 | Work-around for AWS SQS's limit of 50 Principals in a policy Statement for SHRINE2020-1272 | | |
Carl Woolf | 1bc8f1f8a13 | reorganize smoke-test urls. move white-black-list db code near its attr provider | | |
Xav | 5d1d2d858cd | remove unused variable | | |
Xav | e82a24081fb | externalize the logout URL | | |
Carl Woolf | 9d05b06aa5c | authz/logout should be no-op if conf says no authz | | |
Carl Woolf | 3056d6a5489 | need to at least force logout when authzn fails | | |
dwalend | 801687e555b | Need to restart the QueuedQueriesPoller when the CRC gives us an incomplete result for SHRINE2020-846 and SHRINE2020-621 | | |
Carl Woolf | 8ae4422582f | add b-w-list logic to hms-authorization. enable authzn in config. put cw183, xh54 and fp75 on white-list | | |
| Next → |
