Commit graph

4218 commits

Author SHA1 Message Date
Laura Bennett 7e29cf1cae edits based on comments in PR 2016-07-25 09:46:10 -04:00
Jeff Mitchell d4c3e27c4e Fix re-specification of filter 2016-07-25 09:08:29 -04:00
Jeff Mitchell 3002799c26 Add upgrade notes for LDAP 2016-07-25 09:07:52 -04:00
Jeff Mitchell 118939238b changelog++ 2016-07-25 08:48:09 -04:00
Jeff Mitchell 5f2f70e78f Merge pull request #1388 from shomron/ldap_groupfilter
Added new configuration option to ldap auth backend - groupfilter
2016-07-25 08:41:48 -04:00
Laura Bennett 395f052870 minor error correction 2016-07-24 22:35:54 -04:00
Laura Bennett 9ea1c8b801 initial commit for nonAssignablePolicies 2016-07-24 22:27:41 -04:00
Laura Bennett 4945198334 reverting branch mistake 2016-07-24 21:56:52 -04:00
Laura Bennett 483e796177 website update for request uuuid 2016-07-24 21:23:12 -04:00
Laura Bennett c63cdc23a1 Merge branch 'master' of https://github.com/hashicorp/vault into request-uuid 2016-07-23 21:47:08 -04:00
Laura Bennett e5737b6789 initial local commit 2016-07-23 21:46:28 -04:00
Oren Shomron cd6d114e42 LDAP Auth Backend Overhaul
--------------------------

Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.

Simplified group membership lookup significantly to support multiple use-cases:
  * Enumerating groups via memberOf attribute on user object
  * Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
  * Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule

There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.

Additional changes:
  * Clarify documentation for LDAP auth backend.
  * Reworked how default values are set, added tests
  * Removed Dial from LDAP config read. Network should not affect configuration.
2016-07-22 21:20:05 -04:00
Jeff Mitchell 984a48c195 Update vendored deps 2016-07-22 20:11:59 -04:00
vishalnayak c7be699b8b changelog++ 2016-07-22 18:37:14 -04:00
Vishal Nayak 38d8ff33d5 Merge pull request #1647 from hashicorp/version-in-api
Add version information to health status
2016-07-22 18:34:33 -04:00
vishalnayak a92da37351 Updated sys/health docs 2016-07-22 18:33:29 -04:00
vishalnayak 43d352a942 Add version information to health status 2016-07-22 18:28:16 -04:00
Jeff Mitchell 6723ac91cf changelog++ 2016-07-22 18:02:08 -04:00
Jeff Mitchell e7d5b4a7e5 Merge pull request #1646 from maier/master
Circonus integration for telemetry metrics
2016-07-22 18:00:15 -04:00
Jeff Mitchell 4ab60f36a3 Rename err var to be more clear 2016-07-22 16:57:47 -04:00
matt maier 6519c224ac Circonus integration for telemetry metrics 2016-07-22 15:49:23 -04:00
Vishal Nayak 1e56223c49 Merge pull request #1645 from hashicorp/update-init-docs
Update docs on the `init` command
2016-07-22 11:32:27 -04:00
vishalnayak a7665723e3 Address review feedback 2016-07-22 11:31:55 -04:00
vishalnayak f53792efc7 Update docs on the init command 2016-07-22 11:22:10 -04:00
Jeff Mitchell f1cc16b77f Remove manual selection of nextprotos from tls config coming from certutil; it's really not up to us to dictate third party requirements 2016-07-22 11:12:46 -04:00
Jeff Mitchell df8e4fe746 Have Travis use go 1.7rc3 for testing 2016-07-22 10:59:19 -04:00
vishalnayak 6d82a8f5df changelog++ 2016-07-22 10:28:15 -04:00
Vishal Nayak 78459f5d1e Merge pull request #1643 from hashicorp/additional-service-tags
Added `service-tags` config option to Consul storage backend
2016-07-22 10:22:07 -04:00
vishalnayak 8dc3a830dc Address review feedback 2016-07-22 10:21:45 -04:00
vishalnayak 32a72e84dc Added test for service tags 2016-07-22 09:04:42 -04:00
vishalnayak 58bd985551 Address review feedback from @jefferai 2016-07-22 08:44:16 -04:00
vishalnayak 9bfb518e3f Make debug statements specify that the logs are for physical/consul 2016-07-22 07:03:14 -04:00
vishalnayak 248889dd1b Fix broken test 2016-07-22 06:42:56 -04:00
vishalnayak 765d131b47 Added service-tags config option to provide additional tags to registered service 2016-07-22 04:41:48 -04:00
vishalnayak e4e2eec14b changelog++ 2016-07-21 20:50:08 -04:00
Vishal Nayak caab9d40f2 Merge pull request #1642 from hashicorp/init-service-discovery
Add service discovery to init command
2016-07-21 20:47:32 -04:00
vishalnayak b243ee256e Address review feedback by @jefferai 2016-07-21 20:46:31 -04:00
vishalnayak bd8ff10462 Address review feedback from @sean 2016-07-21 19:04:43 -04:00
vishalnayak 5316082675 Added documentation for init service discovery 2016-07-21 17:27:56 -04:00
vishalnayak f557457909 Added a separate flag consul-service to receive Consul service name 2016-07-21 16:51:38 -04:00
vishalnayak 23800c5f1d Add service discovery to init command 2016-07-21 16:17:29 -04:00
Jeff Mitchell 3e7449164c Update website text 2016-07-21 14:54:24 -04:00
Jeff Mitchell 6d41045b3b Update website description 2016-07-21 14:32:23 -04:00
Vishal Nayak 9bb89431dc Merge pull request #1632 from hashicorp/lib-locks-create
Added helper to create locks
2016-07-21 10:23:34 -04:00
Jeff Mitchell a57a23c12b changelog++ 2016-07-21 10:23:11 -04:00
Jeff Mitchell e13ed0289e changelog++ 2016-07-21 10:22:20 -04:00
Jeff Mitchell 4d8f3a89c6 Merge pull request #1639 from hashicorp/issue-1637
Fix panic if no certificates are supplied by client
2016-07-21 10:21:55 -04:00
Jeff Mitchell 68dcf677fa Fix panic if no certificates are supplied by client
Fixes #1637
2016-07-21 10:20:41 -04:00
Jeff Mitchell b353e44209 Fix build 2016-07-21 09:53:41 -04:00
Jeff Mitchell 70e3508c5e changelog++ 2016-07-21 09:52:48 -04:00