20 Commits

Author SHA1 Message Date
Jeff Mitchell
2f6c2b88bb Sanitize policy behavior across backends (#3324)
Fixes #3323
Fixes #3318

* Fix tests

* Fix tests
2017-09-13 11:36:52 -04:00
vishalnayak
80faa2f4ed s/logical.ErrorResponse/fmt.Errorf in renewal functions of credential backends 2016-05-26 10:21:03 -04:00
vishalnayak
5f1829af67 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell
aca4e79ac6 If no group DN is configured, still look for policies on local users and
return a warning, rather than just trying to do an LDAP search on an
empty string.
2016-04-02 13:11:36 -04:00
Jeff Mitchell
7ce9701800 Properly check for policy equivalency during renewal.
This introduces a function that compares two string policy sets while
ignoring the presence of "default" (since it's added by core, not the
backend), and ensuring that ordering and/or duplication are not failure
conditions.

Fixes #1256
2016-03-24 09:41:51 -04:00
Jeff Mitchell
7ef904b930 Use better error message on LDAP renew failure 2016-03-07 09:34:16 -05:00
Jeff Mitchell
331f57c082 Update LDAP documentation with a note on escaping 2016-02-19 13:16:18 -05:00
Jeff Mitchell
2eb08d3bde Make backends much more consistent:
1) Use the new LeaseExtend
2) Use default values controlled by mount tuning/system defaults instead
of a random hard coded value
3) Remove grace periods
2016-01-29 20:03:37 -05:00
Jeff Mitchell
45e32756ea WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Armon Dadgar
de6ce89c39 Fixing merge conflict 2015-06-29 14:50:55 -07:00
Armon Dadgar
28dd283c93 builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Ian Unruh
82bca95537 Allow dot in LDAP login username 2015-05-20 11:54:15 -07:00
Giovanni Bajo
4273247923 auth/ldap: move password into InternalData 2015-05-09 22:06:34 +02:00
Giovanni Bajo
4a9be1fb5f auth/ldap: move username into the path (to allow per-user revocation on the path) 2015-05-09 22:06:28 +02:00
Giovanni Bajo
45a151ef73 auth/ldap: fix pasto 2015-05-09 22:06:22 +02:00
Giovanni Bajo
9e8b045308 auth/ldap: implement login renew 2015-05-09 22:04:20 +02:00
Giovanni Bajo
16d1d052f0 auth/ldap: add support for groups with unique members 2015-05-09 22:04:20 +02:00
Giovanni Bajo
f0c2c95909 auth/ldap: implement authorization via LDAP groups 2015-05-09 22:04:20 +02:00
Giovanni Bajo
7f3313c587 Attempt connection to LDAP server at login time.
Also switch to an LDAP library fork which fixes a panic when
shutting down a connection immediately.
2015-05-09 22:04:19 +02:00
Giovanni Bajo
230fc30ea2 Initial implementation of the LDAP credential backend 2015-05-09 22:04:19 +02:00