[midPoint-git] [Evolveum/midpoint] 96aa85: fix for security issue on the self registration page
KaterynaHonchar
noreply at github.com
Mon May 29 16:36:01 CEST 2023
Branch: refs/heads/support-4.7
Home: https://github.com/Evolveum/midpoint
Commit: 96aa859864048e5b3e25d01a3d32fe1987c4fa8d
https://github.com/Evolveum/midpoint/commit/96aa859864048e5b3e25d01a3d32fe1987c4fa8d
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
A gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageInvitation.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageRegistrationBase.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageSelfRegistration.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java
A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/channel/InvitationAuthenticationChannel.java
A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/channel/InvitationChannelFactory.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/MidpointAuthFilter.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/expr/MidpointFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/AuthorizationConstants.java
M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/SecurityUtil.java
Log Message:
-----------
fix for security issue on the self registration page
Commit: 0496c2faa45555ab0a9a0ac6f3149672598abf3d
https://github.com/Evolveum/midpoint/commit/0496c2faa45555ab0a9a0ac6f3149672598abf3d
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
Log Message:
-----------
invitation link fix
Commit: 469df8e0c7f85e2d4ee56384f592416c15870b16
https://github.com/Evolveum/midpoint/commit/469df8e0c7f85e2d4ee56384f592416c15870b16
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAbstractFlow.java
Log Message:
-----------
self registration captcha fix
Commit: 407b890c0f950268f03e1f5cca08d205348c4050
https://github.com/Evolveum/midpoint/commit/407b890c0f950268f03e1f5cca08d205348c4050
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/captcha/CaptchaPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAbstractFlow.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageSelfRegistration.java
Log Message:
-----------
one more captcha fix
Commit: 360209cc4679c7e24ae4143423c569582a69202f
https://github.com/Evolveum/midpoint/commit/360209cc4679c7e24ae4143423c569582a69202f
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
A infra/common/src/main/java/com/evolveum/midpoint/common/RoleMiningExportUtils.java
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/config/AuthenticationEvaluator.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/evaluator/AuthenticationEvaluatorImpl.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/AbstractModuleFactory.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/LdapModuleFactory.java
A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/RefuseUnauthenticatedRequestFilter.java
A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/ldap/AuditedAuthenticationException.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/ldap/LdapDirContextAdapter.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/ldap/MidpointPrincipalContextMapper.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/provider/MidPointAbstractAuthenticationProvider.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/provider/MidPointLdapAuthenticationProvider.java
A tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/mining/BaseMiningOptions.java
A tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/mining/ExportMiningConsumerWorker.java
A tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/mining/ExportMiningOptions.java
A tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/mining/ExportMiningProducerWorker.java
A tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/mining/ExportMiningRepositoryAction.java
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/impl/Command.java
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/util/NinjaUtils.java
M tools/ninja/src/main/resources/messages.properties
Log Message:
-----------
Merge branch 'support-4.7' of https://github.com/Evolveum/midpoint into support-4.7
Commit: 045d1b534ba2171f09056c935d95179b9d126443
https://github.com/Evolveum/midpoint/commit/045d1b534ba2171f09056c935d95179b9d126443
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-05-29 (Mon, 29 May 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageRegistrationFinish.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/channel/InvitationAuthenticationChannel.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/MidpointExceptionTranslationFilter.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/configurers/MidpointExceptionHandlingConfigurer.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/MailNonceFormModuleWebSecurityConfigurer.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/RemoteModuleWebSecurityConfigurer.java
Log Message:
-----------
fix for invitation url usage without parameters
Compare: https://github.com/Evolveum/midpoint/compare/221c4447ca8a...045d1b534ba2
More information about the midPoint-svn
mailing list