luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
6421 commits 1 branch 0 tags 214 MiB
Commit graph

4 commits

Author SHA1 Message Date
Michael Ansel 30b71cbbac Add constraints on the Common Name for certificate-based authentication (#2595) 
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
 2017-04-30 11:37:10 -04:00
Jack DeLoach 8fecccde21 Add STS path to AWS backend. 
The new STS path allows for obtaining the same credentials that you would get
from the AWS "creds" path, except it will also provide a security token, and
will not have an annoyingly long propagation time before returning to the user.
 2016-01-21 14:05:09 -05:00
Michael S. Fischer 21ab4d526c Provide working example of TLS certificate authentication 
Fixes #474
 2015-08-07 15:15:53 -07:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00