scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-12-10 22:15:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,725 Commits 2,630 Branches 341 Tags
jira-sync-workflow-dispatch
Commit Graph

923 Commits

Author SHA1 Message Date
Bradley Girardeau
85a4d740b5 ldap: add mfa support to CLI 2015-07-27 21:14:00 -07:00
Bradley Girardeau
5afc6115c7 ldap: add mfa to LDAP login 2015-07-27 21:14:00 -07:00
Raymond Pete
5b1db50733 name slug check 2015-07-26 22:21:16 -04:00
Bradley Girardeau
709b91fbd1 ldap: change setting user policies to setting user groups 2015-07-20 11:33:39 -07:00
Bradley Girardeau
7ee2419323 ldap: add ability to set policies based on username as well as groups 2015-07-14 15:46:15 -07:00
Bradley Girardeau
cbb6b64ce6 ldap: add ability to login with a userPrincipalName (user@upndomain) 2015-07-14 15:37:46 -07:00
Armon Dadgar
e7993c5bbd auth/userpass: store password as hash instead of direct. Credit @kenbreeman 2015-07-13 15:09:24 +10:00
Armon Dadgar
e907cad8be auth/userpass: protect against timing attack. Credit @kenbreeman 2015-07-13 15:01:18 +10:00
Armon Dadgar
d54ff83113 auth/app-id: protect against timing attack. Credit @kenbreeman 2015-07-13 14:58:18 +10:00
Bradley Girardeau
0ef2eca24f ldap: add starttls support and option to specificy ca certificate 2015-07-02 15:49:51 -07:00
Armon Dadgar
5151516127 cred/app-id: testing upgrade to salted keys 2015-06-30 18:37:10 -07:00
Armon Dadgar
ae324ce941 cred/app-id: first pass at automatic upgrading to salting 2015-06-30 18:09:08 -07:00
Armon Dadgar
6a9dc00e57 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar
22f543f837 Updating for backend API change 2015-06-30 17:36:12 -07:00
Armon Dadgar
f7602dd44a Merge pull request #380 from kgutwin/cert-cli 
Enable TLS client cert authentication via the CLI
 2015-06-30 11:44:28 -07:00
Armon Dadgar
dd9040b85d ldap: fixing merge conflict 2015-06-30 09:40:43 -07:00
Karl Gutwin
67993efeb0 Better error messages. 2015-06-30 08:59:38 -04:00
Karl Gutwin
c26fca9180 Merge remote-tracking branch 'upstream/master' into cert-cli 2015-06-30 08:31:00 -04:00
Karl Gutwin
48e3a8d8ce enable CLI cert login 2015-06-29 23:29:41 -04:00
esell
dac2cd8c62 change skipsslverify to insecure_tls 2015-06-29 19:23:31 -06:00
Armon Dadgar
de6ce89c39 Fixing merge conflict 2015-06-29 14:50:55 -07:00
esell
11a0b3b6c6 Set SkipSSLVerify default to false, add warning in help message 2015-06-24 13:38:14 -06:00
esell
e3a3fc8ab1 cleanup the code a bit 2015-06-24 10:09:29 -06:00
esell
ee690118b9 allow skipping SSL verification on ldap auth 2015-06-24 10:05:45 -06:00
Armon Dadgar
28dd283c93 builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Mitchell Hashimoto
a98c07855b credential/github: get rid of stray tab 2015-06-16 10:05:51 -07:00
Mitchell Hashimoto
dcc84749d1 command/auth, github: improve cli docs 
/cc @sethvargo
 2015-06-16 10:05:11 -07:00
Christian Svensson
f184c5985a Record the common name in TLS metadata 
It is useful to be able to save the client cert's Common Name for auditing purposes when using a central CA.

This adds a "common_name" value to the Metadata structure passed from login.
 2015-06-14 23:18:21 +01:00
Ian Unruh
82bca95537 Allow dot in LDAP login username 2015-05-20 11:54:15 -07:00
Armon Dadgar
cce15445c9 auth/cert: Guard against empty certs. Fixes #214 2015-05-18 16:11:09 -07:00
Armon Dadgar
087e84d9a9 cred/app-id: ensure consistent error message 2015-05-15 11:45:57 -07:00
Armon Dadgar
f1683f907f cred/app-id: stricter validation and error messaging 2015-05-15 11:40:45 -07:00
Jonathan Sokolowski
a4f9bacb28 credential/app-id: Test DeleteOperation 2015-05-14 22:30:02 +10:00
Etourneau Gwenn
fd682719a1 Fix Error message 2015-05-12 14:32:09 +09:00
Mitchell Hashimoto
3a9a1b2738 credential/app-id: add hash of user/app ID to metadata for logs 2015-05-11 10:46:11 -07:00
Mitchell Hashimoto
09b3a99d56 Merge pull request #184 from hashicorp/b-github-casing 
credential/github: case insensitive mappings
 2015-05-11 10:27:45 -07:00
Mitchell Hashimoto
11a009d5ab logical/framework: PathMap is case insensitive by default 2015-05-11 10:27:04 -07:00
Mitchell Hashimoto
5d1baaace4 credential/github: case insensitive mappings 2015-05-11 10:24:39 -07:00
Giovanni Bajo
4273247923 auth/ldap: move password into InternalData 2015-05-09 22:06:34 +02:00
Giovanni Bajo
4a9be1fb5f auth/ldap: move username into the path (to allow per-user revokation on the path) 2015-05-09 22:06:28 +02:00
Giovanni Bajo
45a151ef73 auth/ldap: fix pasto 2015-05-09 22:06:22 +02:00
Giovanni Bajo
9e8b045308 auth/ldap: implement login renew 2015-05-09 22:04:20 +02:00
Giovanni Bajo
368df9fac1 auth/ldap: document LDAP server used in tests 2015-05-09 22:04:20 +02:00
Giovanni Bajo
b41328c72d auth/ldap: add acceptance tests 2015-05-09 22:04:20 +02:00
Giovanni Bajo
16d1d052f0 auth/ldap: add support for groups with unique members 2015-05-09 22:04:20 +02:00
Giovanni Bajo
f0c2c95909 auth/ldap: implement authorization via LDAP groups 2015-05-09 22:04:20 +02:00
Giovanni Bajo
ab269aef60 auth/ldap: add configuration path for groups 2015-05-09 22:04:20 +02:00
Giovanni Bajo
7f3313c587 Attempt connection to LDAP server at login time. 
Also switch to a LDAP library fork which fixes a panic when
shutting down a connection immediately.
 2015-05-09 22:04:19 +02:00
Giovanni Bajo
230fc30ea2 Initial implementation of the LDAP credential backend 2015-05-09 22:04:19 +02:00
Seth Vargo
3748be6491 Remove references to -var 2015-05-08 11:45:29 -04:00