luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
1776 commits 1 branch 0 tags 214 MiB
Commit graph

89 commits

Author SHA1 Message Date
Jeff Mitchell 5fa76b5640 Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572. 2015-08-28 06:28:43 -07:00
Jeff Mitchell 5695d57ba0 Merge pull request #561 from hashicorp/fix-wild-cards 
Allow hyphens in endpoint patterns of most backends
 2015-08-21 11:40:42 -07:00
vishalnayak 6c2927ede0 Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell 93ef9a54bd Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Jeff Mitchell 133380915a Disallow non-client X509 key usages for client TLS cert authentication. 2015-08-20 15:50:47 -07:00
Armon Dadgar d1a09e295a Merge pull request #509 from ekristen/github-fix 
Reimplements #459
 2015-08-11 10:06:10 -07:00
Erik Kristensen 611965844b reimplements #459 2015-08-09 11:25:45 -06:00
Michael S. Fischer 21ab4d526c Provide working example of TLS certificate authentication 
Fixes #474
 2015-08-07 15:15:53 -07:00
Erik Kristensen 26387f6535 remove newline 2015-08-03 16:34:24 -06:00
Erik Kristensen f9c49f4a57 fix bug #488 2015-08-03 15:47:30 -06:00
Rusty Ross 719ac6e714 update doc for app-id 
make clearer in doc that user-id can accept multiple app-id mappngs as comma-separated values
 2015-08-03 09:44:26 -07:00
Armon Dadgar 03728af495 Merge pull request #464 from bgirardeau/master 
Add Multi-factor authentication with Duo
 2015-07-30 17:51:31 -07:00
Bradley Girardeau aa55d36f03 Clean up naming and add documentation 2015-07-30 17:36:40 -07:00
Bradley Girardeau d26b77b4f4 mfa: code cleanup 2015-07-28 11:55:46 -07:00
Bradley Girardeau 6697012dd3 mfa: improve edge cases and documentation 2015-07-27 21:14:00 -07:00
Bradley Girardeau 06863d08f0 mfa: add to userpass backend 2015-07-27 21:14:00 -07:00
Bradley Girardeau 4eb1beb31c ldap: add mfa support to CLI 2015-07-27 21:14:00 -07:00
Bradley Girardeau 8fa5a349a5 ldap: add mfa to LDAP login 2015-07-27 21:14:00 -07:00
Raymond Pete 1ca09a74b3 name slug check 2015-07-26 22:21:16 -04:00
Bradley Girardeau e8d26d244b ldap: change setting user policies to setting user groups 2015-07-20 11:33:39 -07:00
Bradley Girardeau 301a22295d ldap: add ability to set policies based on username as well as groups 2015-07-14 15:46:15 -07:00
Bradley Girardeau 0e2edc2378 ldap: add ability to login with a userPrincipalName (user@upndomain) 2015-07-14 15:37:46 -07:00
Armon Dadgar 504a7ca7c1 auth/userpass: store password as hash instead of direct. Credit @kenbreeman 2015-07-13 15:09:24 +10:00
Armon Dadgar da4650ccb4 auth/userpass: protect against timing attack. Credit @kenbreeman 2015-07-13 15:01:18 +10:00
Armon Dadgar 599d5f1431 auth/app-id: protect against timing attack. Credit @kenbreeman 2015-07-13 14:58:18 +10:00
Bradley Girardeau 42050fe77b ldap: add starttls support and option to specificy ca certificate 2015-07-02 15:49:51 -07:00
Armon Dadgar b52d3e6506 cred/app-id: testing upgrade to salted keys 2015-06-30 18:37:10 -07:00
Armon Dadgar eeb717c901 cred/app-id: first pass at automatic upgrading to salting 2015-06-30 18:09:08 -07:00
Armon Dadgar 4b27e4d8c5 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar 5d69e7da90 Updating for backend API change 2015-06-30 17:36:12 -07:00
Armon Dadgar 3c58773598 Merge pull request #380 from kgutwin/cert-cli 
Enable TLS client cert authentication via the CLI
 2015-06-30 11:44:28 -07:00
Armon Dadgar b1f7e2f0ea ldap: fixing merge conflict 2015-06-30 09:40:43 -07:00
Karl Gutwin 0062d923cc Better error messages. 2015-06-30 08:59:38 -04:00
Karl Gutwin a54ba31635 Merge remote-tracking branch 'upstream/master' into cert-cli 2015-06-30 08:31:00 -04:00
Karl Gutwin dafcc5b2ce enable CLI cert login 2015-06-29 23:29:41 -04:00
esell c0e1843263 change skipsslverify to insecure_tls 2015-06-29 19:23:31 -06:00
Armon Dadgar 337997ab04 Fixing merge conflict 2015-06-29 14:50:55 -07:00
esell e81f966842 Set SkipSSLVerify default to false, add warning in help message 2015-06-24 13:38:14 -06:00
esell d3225dae07 cleanup the code a bit 2015-06-24 10:09:29 -06:00
esell 84371ea734 allow skipping SSL verification on ldap auth 2015-06-24 10:05:45 -06:00
Armon Dadgar 45d3c512fb builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Mitchell Hashimoto 4bf84392ec credential/github: get rid of stray tab 2015-06-16 10:05:51 -07:00
Mitchell Hashimoto 0ecf05c043 command/auth, github: improve cli docs 
/cc @sethvargo
 2015-06-16 10:05:11 -07:00
Christian Svensson e3d3012795 Record the common name in TLS metadata 
It is useful to be able to save the client cert's Common Name for auditing purposes when using a central CA.

This adds a "common_name" value to the Metadata structure passed from login.
 2015-06-14 23:18:21 +01:00
Ian Unruh 2e1bce27a9 Allow dot in LDAP login username 2015-05-20 11:54:15 -07:00
Armon Dadgar cc966d6b52 auth/cert: Guard against empty certs. Fixes #214 2015-05-18 16:11:09 -07:00
Armon Dadgar 56659a2db2 cred/app-id: ensure consistent error message 2015-05-15 11:45:57 -07:00
Armon Dadgar 8cff23f29b cred/app-id: stricter validation and error messaging 2015-05-15 11:40:45 -07:00
Jonathan Sokolowski 6746a24c78 credential/app-id: Test DeleteOperation 2015-05-14 22:30:02 +10:00
Etourneau Gwenn a3fe4b889f Fix Error message 2015-05-12 14:32:09 +09:00