* [BUGFIX] Set username retrieved from authentication backend in session.
In some setups, binding is case insensitive but Authelia is case
sensitive and therefore need the actual username as stored in the
authentication backend in order for Authelia to work correctly.
Fixes#561.
* Use uid attribute as unique user identifier in suites.
* Fix the integration tests.
* Update config.template.yml
* Compute user filter based on username attribute and users_filter.
The filter provided in users_filter is now combined with a filter
based on the username attribute to perform the LDAP search query
finding a user object from the username.
* Fix LDAP based integration tests.
* Update `users_filter` reference examples
* [FEATURE] Support writing logs in a file.
* Add documentation about logs file path.
* Rename logs_level and logs_file_path into log_level and log_file_path.
* Update BREAKING.md
Fixes#338
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
* Remove unused mongo docker-compose file.
* Default redirection URL was not taken into account.
* Fix possible storage options in config template.
* Remove useless checks in u2f registration endpoints.
* Add default redirection url in config of duo suite.
* Fix log line in response handler of 2FA methods.
* Fix integration tests.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
* Update Traefik 1.x to v1.7.20 for integration tests
* Add suite for Traefik 2.x
* Refactor Traefik2 suite to utilise Docker labels
* Move Traefik2 middleware definition to a file based provider
* Expose Traefik2 dashboard
The API/Dashboard can be reached at https://traefik.example.com:8080/
* Move Traefik frontend/backend definitions to Docker labels
* Move Traefik2 router/service definitions to Docker labels
* Normalise all Traefik configuration via labels and commands
When the the middleware issue with Traefik 2.x (#476) is resolved this means all Traefik related configuration can be self-contained within the respective docker-compose.yml files.
* Define ports for Authelia frontend/backend services
* Adjust Traefik2 suite to new dev workflow
* Normalise all Traefik2 middlewares via labels
* Fix typo in middleware and comment labels specifying Traefik version
- Adjust AUTH LOGIN functionality to be closer to AUTH PLAIN
- Removed: secure (notifier smtp conf) boolean string
- Added: disable_verify_cert (notifier smtp conf) boolean
- disables X509 validation of certificates
- Added: disable_require_tls (notifier smtp conf) boolean
- allows emails to be sent over plain text (for non-authenticated only)
- Added: trusted_cert (notifier smtp conf) string (path)
- allows specifying the path of a PEM format cert to add to trusted cert pool
- Make SMTP notifier return errors on connection over plain text
- Make SMTP notifier return errors on TLS connection with invalid certs
- Implemented various debug logging for the SMTP notifier
- Implemented explicit SMTP closes on errors (previously left con open)
- Split SMTPNotifier Send func to seperate funcs for:
- writing future test suites and startup checks more easily
- organization and readability
- Add details of changes to docs/security.yml
- Adjust config.yml's (template and test) for the changes
Clément Michaud
Amir Zarrinkafsh
James Elliott