open-vault/builtin/credential
Jeff Mitchell 5d44c54947
Changes the way policies are reported in audit logs (#4747)
* This changes the way policies are reported in audit logs.

Previously, only policies tied to tokens would be reported. This could
make it difficult to perform after-the-fact analysis based on both the
initial response entry and further requests. Now, the full set of
applicable policies from both the token and any derived policies from
Identity are reported.

To keep things consistent, token authentications now also return the
full set of policies in api.Secret.Auth responses, so this both makes it
easier for users to understand their actual full set, and it matches
what the audit logs now report.
2018-06-14 09:49:33 -04:00
..
app-id Errwrap everywhere (#4252) 2018-04-05 11:49:21 -04:00
approle Fix panic due to metadata being nil (#4719) 2018-06-11 11:22:26 -04:00
aws Some atomic cleanup (#4732) 2018-06-09 15:35:22 -04:00
cert strip checking cidrs on renewals (#4682) 2018-06-03 09:22:54 -04:00
github Errwrap everywhere (#4252) 2018-04-05 11:49:21 -04:00
ldap Return generic messages if pre-login ldap operations fail (#4700) 2018-06-05 11:23:10 -04:00
okta Clean up error string formatting (#4304) 2018-04-09 14:35:21 -04:00
radius Dockerize radius auth backend acceptance tests (#4276) 2018-04-11 14:26:35 -04:00
token Changes the way policies are reported in audit logs (#4747) 2018-06-14 09:49:33 -04:00
userpass strip checking cidrs on renewals (#4682) 2018-06-03 09:22:54 -04:00