* [BUGFIX] Fix crash when no emails or groups are retrieved from LDAP.
If group or email attribute configured by user in configuration is not
found in user object the list of attributes in LDAP search result is empty.
This change introduces a check before accessing the first element of the
list which previously led to out of bound access.
Fixes#647.
* [MISC] Change log level of LDAP connection creation to trace.
* [FEATURE] SMTPS Support
- Added port_tls option to enable SMTPS, off by default.
* Remove configuration variable for SMTPS
Instead we enable SMTPS on port 465 only. The reason for this is so we don't require an additional configuration variable.
* Add SMTPS warning and updated docs
* Adjust SMTPS warning
* Help users detect misconfiguration of their protected domain.
Sometimes users try to visit an URL pointing to a domain which is
not protected by Authelia and thus authentication fails. This log
line will help users detect those cases.
* Add a log to detect bad schemes in target URLs.
This helps users detect when an URL is http while it should be https.
Indeed, cookies are transported solely over a secure connection for
security reasons.
* Explicit document missing X-Forwarded-Proto and X-Fowarded-Host headers.
* Add the name of the authorization header in error messages.
* Add error and debug logs about X-Original-URL header.
* Add error log when not able to parse target URL in verify endpoint.
* Fix unit tests.
* [Buildkite] Fix changelog output for github releases
Fetch is required to grab the latest tag, this will ensure the correct data is generated
* [Buildkite] Only clean tags on pushes to master
Also ensure that master tag is not removed on github API failures.
* [Buildkite] Fix tag publishing for releases
* [Buildkite] Minor tweaks to github changelog output
* Redirect to default URL after 1FA when default policy is one_factor.
User is now redirected to the default redirection URL after 1FA if
the default policy is set to one_factor and there is no target URL
or if the target URL is unsafe.
Also, if the default policy is set to one_factor and the user is already
authenticated, if she visits the login portal, the 'already authenticated'
view is displayed with a logout button.
This fixes#581.
* Update users.yml
* Fix permissions issue causing suite test failure
* Remove unused mongo docker-compose file.
* Default redirection URL was not taken into account.
* Fix possible storage options in config template.
* Remove useless checks in u2f registration endpoints.
* Add default redirection url in config of duo suite.
* Fix log line in response handler of 2FA methods.
* Fix integration tests.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
* Update README.md
Provide badges and references to the AUR for Arch Linux Authelia packages.
Closes#571#572.
* Add systemd unit file
Include the unit in future release artifacts.
* Remove CHANGELOG.md
As of future releases Changelog details will dynamically be generated.
* Update README.md
Add badge for authelia-git package.
* Update Changelog to only publish explicit Docker tag
Do not include Major and Minor versions, as these will change over time.
This reduce the size of the docker image and avoid confusing users.
We keep the commands in authelia-scripts too in order to keep the
current workflow of developers.