Without this patch, SAML backend will only use the first letter of the NameID as attribute value.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
* The django middleware call stack behavior is changed by DRF. As a
result, during the process_request in sso/middlware.py request.user
is not set as you would expect it to be set from the middleware
django.contrib.auth.middleware.AuthenticationMiddleware
* purge_ansible_name:
Remove ansible reference from dev PKG-INFO
Add back in PRIVILEGE_ESCALATION_METHODS inadvertantly removed
Add awx_ and AWX_ environment vars and extra_vars alongside Tower
Refactor some tower periodic tasks to label as awx
Refactor Notification backend for tower -> awx
Refactor fact cache plugin from tower -> awx
Rename tower display plugins to awx display
Mass rename from ansible_(awx|tower) -> (awx|tower)
1. Default SOCIAL_AUTH_SAML_SP_ENTITY_ID to the Tower hostname/base URL.
2. Refer to the callback URL as the Assertion Consumer Service, per common SAML notation.
* release_3.1.3: (52 commits)
ack fact scan messages
making ldap user/group search fields into codemirror instances
removing UI parsing for LDAP User and Group Search fields
Allow exception view to accept all valid HTTP methods.
Restore ability of parsing extra_vars string for provisioning callback.
Fix up backup/restore role broken in f7a8e45809758322d9ee41c5305850dd70ed5faf
Stop / start ansible-tower-service during restores
value_to_python should encode lookup fields as ascii
fix brace interpolation on standard out pane
Adjust some hardcoded usages of 'awx' to use 'aw_user' and 'aw_group'.
Pull Spanish updates from Zanata
Temporarily grant awx user createdb role
Stop giving ownership of backups to postgres
don't display chunked lines'
Add dropdown li truncation with ellipsis
CTiT -> adhoc modules should allow the user to add new modules
Remove task that was replacing the supervisor systemd tmp file
Fix failing supervisorctl commands on RH-based distros
Give ownership of the supervisor socket to awx
Setting for external log emissions cert verification
...
django-auth-ldap can throw exceptions, like TypeError if it's
misconfigured. If we encounter an exception attempting to log into an
LDAP server, log it and move on (otherwise, an uncaught exception will
cause local login to fail, too).
see: #5933
don't assume that the callback URL contains the correct social_auth
backend name; instead, store it temporarily in the session at
`/login/sso/`
see: #5324
django-ldap-auth expects the "unset/empty" state of certain LDAP DN
settings (such as AUTH_LDAP_REQUIRE_GROUP and
AUTH_LDAP_USER_DN_TEMPLATE) to be NULL/None (not an empty string).
Resolves#4678
