ℹ️ Self Service Password
LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password if they lost it.
It works with any LDAP directory, including Active Directory.
📄 What's Changed
- feat(ssh): public key check ( #509 ) by @faust64 in #510
- docs(sshkey) by @faust64 in #512
- fix(mail): add sendmail to Docker image by @faust64 in #517
- docs(multi-tenancy): adds samples setting multi-tenancy header by @faust64 in #515
- If token was provided by SMS, check initial SMS code before changing password by @coudot in #521
- [Security:low] Dismiss captcha once it is used by @coudot in #522
- Merge 1.4 branch by @coudot in #523
- Typo in resetbytoken resulting in mails not being sent by @faust64 in #529
- adding Kerberos authentication support by @jazzl0ver in #536
- Change expired password as manager by @coudot in #530
- fix(version): mismatch between htdocs/index.php and rest/v1/include.php by @faust64 in #539
- core(update): apache 2.4.46 by @faust64 in #541
- Refactor pwned passwords by @faust64 in #540
- fix(notify): don't send notification if modification failed by @faust64 in #542
- docs(ratelimit): typo by @faust64 in #545
- feat(mails): using several mail attributes by @faust64 in #546
- fix(sshkeys): don't send mail notification when entry was not changed by @faust64 in #513
- Update de.inc.php by @usrflo in #547
- fix(docs): invalid nginx root serving ssp by @faust64 in #551
- Added sms api for signal-cli by @mfulz in #549
- fix(docs): ratelimit check interval should be 1h, not 1min by @faust64 in #558
- Document $allowed_lang var by @maxxer in #562
- Updated IT translation by @maxxer in #564
- Fix Error 500 when user is not found in ldap for sms reset by @mfulz in #571
- fix(api): phpmailer needs to be included (#573) by @faust64 in #576
- fix: captcha misaligned in the mobile version by @bondif in #588
- Update simplified Chinese translation by @tweea in #594
- fix(docs) - see #590 by @faust64 in #598
- Update fr translation by @vboucard in #606
- chore(deps): bump phpmailer/phpmailer from 6.4.1 to 6.5.0 in /lib by @dependabot in #559
- Fix some undefined warnings by @liedekef in #609
- fix apache / bullseye by @faust64 in #612
- Issue 608 by @doc-slice in #619
- Implement Argon2 hashing by @tleuxner in #628
- Add some cosmetic css properties to sshkey textarea by @spike77453 in #642
- Fix translation by @tvdijen in #646
- chore(deps): bump guzzlehttp/psr7 from 2.1.0 to 2.2.1 in /lib by @dependabot in #647
- chore(deps): bump guzzlehttp/guzzle from 7.4.0 to 7.4.4 in /lib by @dependabot in #659
- Update bootstrap to v3.4.1 by @bohze in #661
- chore(deps): bump guzzlehttp/guzzle from 7.4.4 to 7.4.5 in /lib by @dependabot in #664
- feat(sms): Allow more than one mobile attribute #658 by @artlog in #673
- Feat mail factorize attributes by @artlog in #675
- Update TR translation by @berkaycagir in #669
- fix(sshkey): should add one sshPublicKey per key by @faust64 in #514
- Remove warning "Decoding error" by @coudot in #676
- Fix 563 by @faust64 in #592
- Use correct message identifiers by @coudot in #677
- hide failure by default for mailnomatch issue #610 by @artlog in #685
- fix check password toward ldap attribute for token based methods by @artlog in #686
- captcha use dedicated session cookie fix #602 by @artlog in #680
- Rate limit optional support per ip (ratelimit_filter_by_ip) by @artlog in #683
- Add rate limit checking for any password change request include fix #654 by @artlog in #684
- Improve documentation, parse php code by @coudot in #696
- Fix password check ldap by @artlog in #688
- Use require_once for file inclusion by @coudot in #702
- Fix reset by questions display after password change by @coudot in #703
- Check parameters before calling hash_equals by @coudot in #699
- Get entry in checkpassword REST service by @coudot in #708
🤝 New Contributors
- @jazzl0ver made their first contribution in #536
- @usrflo made their first contribution in #547
- @mfulz made their first contribution in #549
- @maxxer made their first contribution in #562
- @bondif made their first contribution in #588
- @vboucard made their first contribution in #606
- @liedekef made their first contribution in #609
- @doc-slice made their first contribution in #619
- @tleuxner made their first contribution in #628
- @tvdijen made their first contribution in #646
- @artlog made their first contribution in #673
Full Changelog: v1.4.5...v1.5.0
⬇️ Download
Get tarball and packages on https://ltb-project.org/download.html
Use our apt and yum repositories to ease the installation:
- https://self-service-password.readthedocs.io/en/latest/installation.html#debian-ubuntu
- https://self-service-password.readthedocs.io/en/latest/installation.html#centos-redhat
You can also use our Docker image: https://hub.docker.com/r/ltbproject/self-service-password