Commit Graph

2590 Commits

Author SHA1 Message Date
Giovanni Bajo 02d3b1c74c auth/ldap: add support for groups with unique members 2015-05-09 22:04:20 +02:00
Giovanni Bajo c313ff2802 auth/ldap: implement authorization via LDAP groups 2015-05-09 22:04:20 +02:00
Giovanni Bajo dc6b4ab9db auth/ldap: add configuration path for groups 2015-05-09 22:04:20 +02:00
Giovanni Bajo 7e39da2e67 Attempt connection to LDAP server at login time.
Also switch to a LDAP library fork which fixes a panic when
shutting down a connection immediately.
2015-05-09 22:04:19 +02:00
Giovanni Bajo 7492c5712a Initial implementation of the LDAP credential backend 2015-05-09 22:04:19 +02:00
Seth Vargo f3c3f4717a Remove references to -var 2015-05-08 11:45:29 -04:00
Armon Dadgar a6a4bee2ee cred/app-id: Add help synopsis to login path 2015-05-07 15:45:43 -07:00
Seth Vargo 04015fdf55 Fix output from GitHub help 2015-05-07 14:13:12 -04:00
Armon Dadgar b07d0bc56f audit/file: Create file if it does not exist. Fixes #148 2015-05-06 11:33:06 -07:00
Mitchell Hashimoto deab183cbd token/disk: write token with 0600 2015-05-02 13:34:01 -07:00
Trevor Pounds 582677b134 Fix documentation typo. 2015-04-28 22:15:56 -07:00
Armon Dadgar 848433a355 audit/file: add log_raw parameter and default to hashing 2015-04-27 15:56:41 -07:00
Armon Dadgar f01e14351a audit/syslog: switch defaults 2015-04-27 15:56:41 -07:00
Armon Dadgar de7a81a8fb audit/syslog: Copy structure before hashing to avoid breaking result 2015-04-27 15:56:40 -07:00
Armon Dadgar 1b659d41ff audit/syslog: Hash everything by default, optionally disable 2015-04-27 15:56:40 -07:00
Armon Dadgar bb1dd509d7 audit/syslog: first pass 2015-04-27 15:56:40 -07:00
Armon Dadgar 434305a6c2 secret/aws: Using roles instead of policy 2015-04-27 14:20:28 -07:00
Armon Dadgar 5edf8cf3a8 Do not root protect role configurations 2015-04-27 14:07:20 -07:00
Armon Dadgar 12e8c0f8cf secret/postgres: secret/mysql: roles endpoints root protected 2015-04-27 14:04:10 -07:00
Armon Dadgar 816d981d1a secret/consul: replace policy with roles, and prefix the token path 2015-04-27 13:59:56 -07:00
Armon Dadgar 6a38090822 secret/transit: rename policy to keys 2015-04-27 13:52:47 -07:00
Armon Dadgar 793e6efef4 secret/transit: Adding more help. Fixes #41 2015-04-27 12:47:09 -07:00
Armon Dadgar 27c73da308 audit/file: Attempt to create directory path. Fixes #38 2015-04-27 12:40:32 -07:00
Armon Dadgar a753fadcb4 secret/postgresql: testing support for multiple statements 2015-04-27 12:00:07 -07:00
Armon Dadgar 1c8288c3da secret/postgresql: support multiple sql statements 2015-04-27 11:31:27 -07:00
Armon Dadgar 50879eb2e5 mysql: cleanup 2015-04-27 11:31:11 -07:00
Armon Dadgar 9cae5520a0 logical/consul: Added missing policy endpoints 2015-04-27 11:08:37 -07:00
Armon Dadgar 1d95694a7c secret/mysql: improve the example statement 2015-04-25 12:58:50 -07:00
Armon Dadgar 503241eeee secret/mysql: adding acceptance test 2015-04-25 12:56:23 -07:00
Armon Dadgar e378f5c4a2 secret/mysql: fixing mysql oddities 2015-04-25 12:56:11 -07:00
Armon Dadgar 57e66f3b6c secret/mysql: initial pass at mysql secret backend 2015-04-25 12:05:26 -07:00
Armon Dadgar 9087471bad credential/cert: support leasing and renewal 2015-04-24 12:58:39 -07:00
Armon Dadgar 3a9e20748b credential/cert: default display name 2015-04-24 10:52:17 -07:00
Armon Dadgar 7b4ceeb7e6 credential/cert: more validation on cert setup 2015-04-24 10:39:44 -07:00
Armon Dadgar d57c8ea0f0 credential/cert: return logical error if invalid 2015-04-24 10:36:25 -07:00
Armon Dadgar ae272b83ce credential/cert: major refactor 2015-04-24 10:31:57 -07:00
Armon Dadgar 28b18422b7 credential/cert: First pass at public key credential backend 2015-04-23 21:46:21 -07:00
Mitchell Hashimoto ee2b113831 audit/file: append 2015-04-19 22:43:39 -07:00
Mitchell Hashimoto 0b7e7190b5 credentials/userpass: integrate into auth cli 2015-04-19 15:17:24 -07:00
Mitchell Hashimoto c5cadc026d credential/userpass: renewal 2015-04-19 15:12:50 -07:00
Mitchell Hashimoto 0ae9eadfd3 credential/userpass: help 2015-04-19 15:07:11 -07:00
Mitchell Hashimoto 0aec679bb4 credential/userpass: login 2015-04-19 15:06:29 -07:00
Mitchell Hashimoto fedda20c41 credential/userpass: configuring users 2015-04-19 14:59:30 -07:00
Mitchell Hashimoto 17676af663 logical/postgresql: when renewing, alter the valid until 2015-04-18 22:55:33 -07:00
Mitchell Hashimoto 4e21f702a8 logical/consul: leasing 2015-04-18 22:29:46 -07:00
Mitchell Hashimoto 517236ea50 logical/consul: config/access is the new path for config 2015-04-18 22:28:53 -07:00
Mitchell Hashimoto 23a156b414 logical/aws: leasing/renewal support 2015-04-18 22:25:37 -07:00
Mitchell Hashimoto 2a8dfd85f4 logical/aws: fix build 2015-04-18 22:22:35 -07:00
Mitchell Hashimoto 208dd1e8be logical/aws: move root creds config to config/root 2015-04-18 22:21:31 -07:00
Mitchell Hashimoto f61626f7a6 logical/aws: support read/delete policies 2015-04-18 22:13:12 -07:00
Mitchell Hashimoto 79ccb2f412 logical/postgresql: support deleting roles and reading them 2015-04-18 21:59:59 -07:00
Mitchell Hashimoto 84bca3ef28 logical/postgresql: renew for secret 2015-04-18 21:47:19 -07:00
Mitchell Hashimoto e1e5c47362 logical/postgresql: leasing 2015-04-18 21:45:05 -07:00
Mitchell Hashimoto 8edc4d1241 logical/postgres: no session limit 2015-04-18 18:42:57 -07:00
Mitchell Hashimoto 39b8ae1b31 logical/postgers: update docs properly 2015-04-18 18:42:26 -07:00
Mitchell Hashimoto 6e10c415ef logical/postgresql: leases 2015-04-18 18:40:03 -07:00
Mitchell Hashimoto 2120235a2e logical/postgresql: create DB credentials 2015-04-18 18:37:27 -07:00
Mitchell Hashimoto d0eb1b9a74 logical/postgresql: creating roles 2015-04-18 18:09:33 -07:00
Mitchell Hashimoto d96b64286a logical/postgresql: connection 2015-04-18 17:34:36 -07:00
Mitchell Hashimoto 20324a0c9c website: more auth 2015-04-18 13:45:50 -07:00
Mitchell Hashimoto f7a1b2ced9 credential/app-id: allow restriction by CIDR block [GH-10] 2015-04-17 10:14:39 -07:00
Mitchell Hashimoto e643b48235 credential/app-id: support associating a name with app ID [GH-9] 2015-04-17 10:01:03 -07:00
Mitchell Hashimoto 37af1683c6 credential/*: adhere to new API 2015-04-17 09:40:28 -07:00
Armon Dadgar 07bffafbbd Adding transit logical backend 2015-04-15 17:08:12 -07:00
Armon Dadgar 381aa0f7af logical/aws: Use display name for IAM username 2015-04-15 15:05:00 -07:00
Armon Dadgar 489e79ffd3 logical/consul: Use the DisplayName for the ACL token name 2015-04-15 15:03:05 -07:00
Armon Dadgar cf2faa06ae credential/github: Set the github username as the display name 2015-04-15 14:30:46 -07:00
Mitchell Hashimoto ef95d9a10e audit/file: use JSON formatter to write output 2015-04-13 14:12:14 -07:00
Mitchell Hashimoto 48205d166b rename vault id to lease id all over 2015-04-10 20:35:14 -07:00
Mitchell Hashimoto 62f4d1dd0e credential/github: CLI handler 2015-04-06 09:53:43 -07:00
Mitchell Hashimoto 569991fcc5 credential/app-id 2015-04-04 18:41:49 -07:00
Mitchell Hashimoto 8bfa12297d builtin/audit: add file audit 2015-04-04 18:10:25 -07:00
Mitchell Hashimoto 606b3dbff9 credential/github: improve help 2015-04-04 12:18:33 -07:00
Mitchell Hashimoto 8dc9e0e0d5 logical/framework: better string values for types 2015-04-03 21:15:59 -07:00
Mitchell Hashimoto ec9df0439b logical/aws: help 2015-04-03 21:10:54 -07:00
Mitchell Hashimoto 0bbad03c70 logical/framework: support root help 2015-04-03 20:36:47 -07:00
Mitchell Hashimoto 12a75dd304 credential/github: auth with github 2015-04-01 15:46:37 -07:00
Mitchell Hashimoto 486c3d7f30 logical/aws: policy doesn't need to be base64 2015-03-31 17:26:41 -07:00
Mitchell Hashimoto 712d144ec7 token/disk: fix args parsing 2015-03-30 23:21:17 -07:00
Mitchell Hashimoto b12feccf38 logical/*: fix compilation errors 2015-03-30 20:30:07 -07:00
Mitchell Hashimoto e40d0874e1 command/auth: tests work wihtout vault installed 2015-03-30 11:07:31 -07:00
Mitchell Hashimoto 27bc188758 token/disk: implement unencrypted disk store 2015-03-30 09:21:59 -07:00
Mitchell Hashimoto db65fd7b95 command: unit tests pass 2015-03-29 16:20:34 -07:00
Mitchell Hashimoto 3270349456 logical/consul: actual test that the token works 2015-03-21 17:23:44 +01:00
Mitchell Hashimoto 55a3423c60 logical/consul 2015-03-21 17:19:37 +01:00
Mitchell Hashimoto 05246433bb logical/aws: refactor access key create to the secret file 2015-03-21 11:49:56 +01:00
Mitchell Hashimoto 665cbaa3e4 logical/aws: remove debug I was using to test rollback :) 2015-03-21 11:20:22 +01:00
Mitchell Hashimoto 9e4b9d593b logical/aws: WAL entry for users, rollback 2015-03-21 11:18:46 +01:00
Mitchell Hashimoto 86a6062ba2 main: enable AWS backend 2015-03-20 19:32:18 +01:00
Mitchell Hashimoto 62d9bec8be logical/aws 2015-03-20 19:03:20 +01:00