aboutsummaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth/Login
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1071317: Remove unused variablesFrédéric Buclin2014-09-291-1/+0
| | | | r=gerv a=sgreen
* Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modulesFrédéric Buclin2014-08-135-0/+5
| | | | r=dkl a=sgreen
* Bug 1044701: "Uninitialized value $token_type" when passing an invalid ↵David Lawrence2014-07-311-1/+4
| | | | | | Bugzilla_api_token value r=sgreen,a=glob
* Bug 726696 - All authenticated WebServices methods should require ↵Simon Green2014-07-272-1/+65
| | | | | | username/pass, token or a valid API key for authentication r=dkl, a=sgreen
* Bug 1001497: User.login incorrectly returns id = 0 when the login or ↵Frédéric Buclin2014-04-251-1/+1
| | | | | | password is missing r=dkl a=justdave
* Bug 713926: (CVE-2014-1517) [SECURITY] Login form lacks CSRF protectionFrédéric Buclin2014-04-171-4/+37
| | | | r=dkl a=justdave
* Bug 987205: Bugzilla crashes because it tries to import a non-exported ↵Frédéric Buclin2014-04-141-1/+2
| | | | | | login_token() subroutine from Bugzilla::Auth::Login::Cookie r=dkl a=justdave
* Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ↵Dave Lawrence2013-10-161-3/+3
| | | | | | total entropy and allowing easier brute force r=LpSolit,a=sgreen
* Bug 917669 - invalid or expired authentication tokens and cookies should ↵Dave Lawrence2013-09-261-8/+13
| | | | | | throw errors, not be silently ignored r/a=glob
* Bug 893195 - Allow token based authentication for webservicesDave Lawrence2013-08-261-14/+54
| | | | r=glob,a=sgreen
* Bug 787668: Use |use parent| instead of |use base|Matt Selsky2012-12-013-3/+3
| | | | r/a=LpSolit
* Bug 787529: Use |use 5.10.1| everywhereFrédéric Buclin2012-09-014-0/+12
| | | | r=wicked a=LpSolit
* Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ↵Frédéric Buclin2012-01-114-82/+20
| | | | | | add it to files which miss one r=kiko r=mkanat r=mrbball a=LpSolit
* Make Login/Stack.pm refuse to continue down the stack if an Auth method ↵Gervase Markham2011-11-181-2/+8
| | | | | returns an explicit failure. r=dkl, a=mkanat. https://bugzilla.mozilla.org/show_bug.cgi?id=698423
* Bug 423612 - Allow editing extern_id for users from the admin interfaceJochen Wiedmann2011-04-272-0/+7
| | | | r=mkanat, a=mkanat
* Bug 550732: Allow read-only JSON-RPC methods to be called with GETMax Kanat-Alexander2010-04-223-0/+7
| | | | r=dkl, a=mkanat
* Bug 553770: Make the JSON-RPC WebService throw a proper error when you don'tMax Kanat-Alexander2010-03-231-4/+2
| | | | | | provide login credentials on a LOGIN_REQUIRED page. (Before this, it was attempting to display the HTML login page to JSON-RPC clients.) r=dkl, a=mkanat
* Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxiesmkanat%bugzilla.org2009-12-311-1/+1
| | | | Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
* Bug 385606: Logincookies are recreated at each HTTP request when using the ↵lpsolit%gmail.com2009-12-311-0/+1
| | | | 'Env' auth method - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
* Bug 430014: Re-write the code hooks system so that it uses modules instead ↵mkanat%bugzilla.org2009-11-241-1/+1
| | | | | | of individual .pl files Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat
* Bug 525734: Allow WebService clients to authenticate using Bugzilla_login ↵mkanat%bugzilla.org2009-11-091-5/+3
| | | | | | and Bugzilla_password Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
* Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric ↵lpsolit%gmail.com2009-10-181-17/+8
| | | | Buclin <LpSolit@gmail.com> r/a=mkanat
* Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org2009-10-091-11/+0
| | | | Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
* Bug 488467: Verify and Login auth methods were being called in a random ↵mkanat%bugzilla.org2009-04-171-1/+1
| | | | | | order, causing sudo sessions to frequently not need the user to re-enter their password. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
* Partial backout of bug 183665. It's responsible for bug 457719lpsolit%gmail.com2008-10-051-1/+1
|
* Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com2008-08-181-3/+8
| | | | | | | protects logins and param doesn't protect WebService calls at all Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat
* Bug 438435: Need code hooks for authenticationmkanat%bugzilla.org2008-08-071-4/+12
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
* Backing out these patches as they cause a regression. More informationdkl%redhat.com2008-07-291-3/+5
| | | | | | | | | | | in the respective bug reports. Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
* Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com2008-07-101-5/+3
| | | | | | protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
* Bug 183665: Accessing post_bug.cgi directly gives a weird error message and ↵lpsolit%gmail.com2007-11-151-1/+1
| | | | should redirect to enter_bug.cgi instead - Patch by Matt Tasker <mtasker@gmail.com> (based on the original patch from victory <spam@bmo2007.rsz.jp>) r/a=LpSolit
* Bug 224577: Bugzilla could use a web services interface.wurblzap%gmail.com2006-08-201-0/+7
| | | | | Patch by Marc Schumann <wurblzap@gmail.com>; r=mkanat; a=myk
* Bug 340967: The login form appears twice when trying to add an attachment ↵lpsolit%gmail.com2006-07-061-0/+15
| | | | (due to two consecutive calls to Bugzilla->login) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
* Bug 338375: Use Bugzilla->params everywhere instead of Param().mkanat%bugzilla.org2006-07-042-2/+0
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
* Bug 342869: Use Bugzilla->params everywhere except templatesmkanat%bugzilla.org2006-07-042-5/+7
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
* Spelling in code comments patch: 'cokie' -> 'cookie'; patch by Vlad Dascalu ↵vladd%bugzilla.org2006-06-191-1/+1
| | | | <vladd@bugzilla.org>.
* Bug 340104: Move Bugzilla::Auth::get_netaddr() in Util.pm - Patch by ↵lpsolit%gmail.com2006-06-031-2/+1
| | | | Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
* Bug 339858: Remove useless module dependencies in Bugzilla::Auth::* - Patch ↵lpsolit%gmail.com2006-06-013-3/+1
| | | | by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
* Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org2006-05-128-655/+297
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
* Patch for bug 161369: Strip trailing whitespace from login usernames; patch ↵jocuri%softhome.net2006-03-031-1/+1
| | | | by Paul <pdemarco@zoominternet.net>, r=vladd, a=justdave.
* Bug 327355: Email preferences are not set correctly when the user account is ↵lpsolit%gmail.com2006-02-221-101/+63
| | | | created by Env.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=justdave
* Bug 322620: Logging in with 'Remember my Login' deselected gives: Use of ↵lpsolit%gmail.com2006-01-101-0/+1
| | | | uninitialized value in string eq at Bugzilla/Auth/Login/WWW/CGI.pm line 83 - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
* Bug 322244: Cookies are incorrectly detainted when logging out - Patch by ↵lpsolit%gmail.com2006-01-051-1/+1
| | | | Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
* Bug 119524: SECURITY: predictable sessionid (Use a token instead of ↵lpsolit%gmail.com2006-01-031-4/+6
| | | | logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave
* Bug 279716: Users have to relogin when changing their own password - Patch ↵lpsolit%gmail.com2005-11-221-2/+12
| | | | by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave
* Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Frédéric ↵lpsolit%gmail.com2005-10-311-4/+0
| | | | Buclin <LpSolit@gmail.com> r=wicked a=justdave
* Bug 304583: Remove all remaining need to rederive inherited groupsbugreport%peshkin.net2005-08-191-0/+9
| | | | | Patch by Joel Peshkin <bugreport@peshkin.net> r=mkanat, a=justdave
* Bug 300403: New Charts errors out, creates new 'add' user, when Env auth ↵lpsolit%gmail.com2005-07-261-2/+6
| | | | method is used - Patch by A. Karl Kornel <karl@kornel.name> r=wurblzap a=justdave
* Bug 301967: Some .pm files have invalid POD syntax - Patch by Frédéric ↵lpsolit%gmail.com2005-07-261-1/+3
| | | | Buclin <LpSolit@gmail.com> r=wurblzap a=justdave
* Bug 298659: setting authentication to LDAP,DB failsmkanat%kerio.com2005-07-081-2/+2
| | | | Patch By A. Karl Kornel <karl@kornel.name> r=glob, a=justdave
* Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case ↵mkanat%kerio.com2005-07-081-1/+2
| | | | | | insensitive Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-22 14:59:40 +0000