Branch: refs/heads/SECURITY-1389-JTN
Home: https://github.com/jenkinsci/active-directory-plugin
Commit: a2e3624efd12c1457a51646ea08b044b92b072de
https://github.com/jenkinsci/active-directory-plugin/commit/a2e3624efd12c1457a51646ea08b044b92b072de
Author: James Nord <[email protected]>
Date: 2021-06-15 (Tue, 15 Jun 2021)
Changed paths:
M pom.xml
Log Message:
-----------
Prepare version for SECURITY release
Commit: 6e7f9d4b2e5f1393bdf2f38771d6959cd2b0ab18
https://github.com/jenkinsci/active-directory-plugin/commit/6e7f9d4b2e5f1393bdf2f38771d6959cd2b0ab18
Author: James Nord <[email protected]>
Date: 2021-06-15 (Tue, 15 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
M
src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
M
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/config.jelly
A
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/help-requireTLS.html
M
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/help-startTls.html
A
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/requireTLS.jelly
Log Message:
-----------
[SECURITY-1389] The ADSI provided did not require secure comms with the AD
Server
there are 2 ways to do enctyption with ADSI
1) use TLS (basically ldap over SSL)
2) use kerberos encryption.
If we use Kerberos encryption we still need signing to prevent person in
the middle attacks.
As the Unix provider could be forced to use SSL with a system property
it felt easier to make this an offical config that both ADSI and
UnixProvider could use to determine how to talk to AD.
For AD if we have not been told to use SSL then we use kerberos to
prevent snooping and PitM attachs
Commit: 5b858ea1bab899f499b0b49ee367258a066e3725
https://github.com/jenkinsci/active-directory-plugin/commit/5b858ea1bab899f499b0b49ee367258a066e3725
Author: James Nord <[email protected]>
Date: 2021-06-18 (Fri, 18 Jun 2021)
Changed paths:
M
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/help-requireTLS.html
Log Message:
-----------
Update the require TLS help
Commit: 5fe78f890befea37be058205de3b45d7c11bbad9
https://github.com/jenkinsci/active-directory-plugin/commit/5fe78f890befea37be058205de3b45d7c11bbad9
Author: James Nord <[email protected]>
Date: 2021-06-18 (Fri, 18 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
M src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java
Log Message:
-----------
[SECURIY-1389] default flags same as before and fix potential NPE
Commit: 1923725ed2a969d01cf206ca725d3c34197e87ce
https://github.com/jenkinsci/active-directory-plugin/commit/1923725ed2a969d01cf206ca725d3c34197e87ce
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
A
src/main/java/hudson/plugins/active_directory/Security1389AdministrativeMonitor.java
A
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitor/message.jelly
A
src/test/java/hudson/plugins/active_directory/Security1389AdministrativeMonitorTest.java
A
src/test/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorTest/config.xml
Log Message:
-----------
[SECURITY-1389] add an AdminMonitor prompting the user to update their config
Commit: 46f1235dd5394cded308f037a4eb2bf416a68247
https://github.com/jenkinsci/active-directory-plugin/commit/46f1235dd5394cded308f037a4eb2bf416a68247
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
M
src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
A
src/main/java/hudson/plugins/active_directory/Security1389AdministrativeMonitorLegacySysProp.java
M
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/requireTLS.jelly
A
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorKegacySysProp/message.jelly
Log Message:
-----------
[SECURITY-1389] Check if the user has set System properties.
if the user is still using the `forceLdaps` system property after
updating their config show an AdministrativeMonitor.
Likewise if the user has set ADSI flags then add a warning in the
configuration page that the checkbox has no affect
Commit: e47f8533cd26a564209dd664f083678b8bc445f2
https://github.com/jenkinsci/active-directory-plugin/commit/e47f8533cd26a564209dd664f083678b8bc445f2
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorKegacySysProp/message.jelly
Log Message:
-----------
[SECURITY-1389] incorrect XML in message.jelly
Commit: 3b6fae8f6eb10143ec5f188df1b36a621618e5c6
https://github.com/jenkinsci/active-directory-plugin/commit/3b6fae8f6eb10143ec5f188df1b36a621618e5c6
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
M
src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
M
src/main/resources/hudson/plugins/active_directory/ActiveDirectorySecurityRealm/help-requireTLS.html
Log Message:
-----------
Apply suggestions from code review
Co-authored-by: Daniel Beck <[email protected]>
Commit: 9623f1de909cdd5cc6c60258df3aec47f5a5663f
https://github.com/jenkinsci/active-directory-plugin/commit/9623f1de909cdd5cc6c60258df3aec47f5a5663f
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitor/message.jelly
A
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitor/message.properties
R
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorKegacySysProp/message.jelly
A
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorLegacySysProp/message.jelly
A
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorLegacySysProp/message.properties
Log Message:
-----------
[SECURITY-1389] add support for il8n in the admin monitors
Commit: 35e4107435057ca9a7ab836c04f36568d9783ddb
https://github.com/jenkinsci/active-directory-plugin/commit/35e4107435057ca9a7ab836c04f36568d9783ddb
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitor/message.jelly
M
src/main/resources/hudson/plugins/active_directory/Security1389AdministrativeMonitorLegacySysProp/message.jelly
Log Message:
-----------
[SECURITY-1389] add trailing newline to jelly files
Commit: 283000cf70c00fd0a1a7dcd16fe47946f1b4d601
https://github.com/jenkinsci/active-directory-plugin/commit/283000cf70c00fd0a1a7dcd16fe47946f1b4d601
Author: James Nord <[email protected]>
Date: 2021-06-21 (Mon, 21 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
Log Message:
-----------
clarify the isRequireTLS in the descriptor
Commit: 18c6af35b84ab8f94a61624212be650ca732ad40
https://github.com/jenkinsci/active-directory-plugin/commit/18c6af35b84ab8f94a61624212be650ca732ad40
Author: James Nord <[email protected]>
Date: 2021-06-22 (Tue, 22 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
Log Message:
-----------
[SECURITY-1389] use signing and sealing in non TLS mode
Commit: bb63f77efe902d50efb10bf7c29ea7dc2d4fd52e
https://github.com/jenkinsci/active-directory-plugin/commit/bb63f77efe902d50efb10bf7c29ea7dc2d4fd52e
Author: James Nord <[email protected]>
Date: 2021-06-23 (Wed, 23 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
Log Message:
-----------
[SECURITY-1389] make lookup of the root DN use TLS also
Commit: 0d62910c6ce7e8387d467afafd1f034c9bad2eb5
https://github.com/jenkinsci/active-directory-plugin/commit/0d62910c6ce7e8387d467afafd1f034c9bad2eb5
Author: James Nord <[email protected]>
Date: 2021-06-23 (Wed, 23 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
Log Message:
-----------
[SECURITY-1389] use jenkins.io redirects
Commit: e6bb38d8e1904a362f102ddedd5ed453530a03f2
https://github.com/jenkinsci/active-directory-plugin/commit/e6bb38d8e1904a362f102ddedd5ed453530a03f2
Author: James Nord <[email protected]>
Date: 2021-06-23 (Wed, 23 Jun 2021)
Changed paths:
M
src/main/java/hudson/plugins/active_directory/ActiveDirectoryAuthenticationProvider.java
Log Message:
-----------
[SECURITY-1389] use www. for jenkins.io
Commit: 813a661de3326b949cf67a98a3025242a9e59f58
https://github.com/jenkinsci/active-directory-plugin/commit/813a661de3326b949cf67a98a3025242a9e59f58
Author: fbelzunc <[email protected]>
Date: 2021-07-01 (Thu, 01 Jul 2021)
Changed paths:
M
src/test/java/hudson/plugins/active_directory/docker/EntoEndUserCacheLookupDisabledTest.java
M
src/test/java/hudson/plugins/active_directory/docker/EntoEndUserCacheLookupEnabledTest.java
M
src/test/java/hudson/plugins/active_directory/docker/TheFlintstonesTest.java
Log Message:
-----------
[SECURITY-1389] Fix unix integration test, but will not actually test TLS
functionality.
Compare:
https://github.com/jenkinsci/active-directory-plugin/compare/a2e3624efd12%5E...813a661de332
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/active-directory-plugin/push/refs/heads/SECURITY-1389-JTN/000000-813a66%40github.com.
