Commit Graph

35 Commits (afe0f26143870fa4d0d1e5e93add167158bad696)

Author SHA1 Message Date
Matt Keeler d3881dd754
ACL Node Identities (#7970)
5 years ago
Hans Hasselberg 242994a016
acl: do not resolve local tokens from remote dcs (#8068)
5 years ago
R.B. Boyer 833211c14c
acl: allow auth methods created in the primary datacenter to optionally create global tokens (#7899)
5 years ago
R.B. Boyer a854e4d9c5
acl: oss plumbing to support auth method namespace rules in enterprise (#7794)
5 years ago
R.B. Boyer 22eb016153
acl: add MaxTokenTTL field to auth methods (#7779)
5 years ago
R.B. Boyer ca52ba7068
acl: add DisplayName field to auth methods (#7769)
5 years ago
Alejandro Baez bafa69bb69
Add PolicyReadByName for API (#6615)
5 years ago
R.B. Boyer 85a08bf8ed
server: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#7419)
5 years ago
Matt Keeler e231d62bc9
Make the config entry and leaf cert cache types ns aware (#7256)
5 years ago
R.B. Boyer 8c596953b0
agent: ensure that we always use the same settings for msgpack (#7245)
5 years ago
Matt Keeler 663cf1e9a8
AuthMethod updates to support alternate namespace logins (#7029)
5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup
5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext
5 years ago
Matt Keeler 8f0ab0129e
Miscellaneous Fixes (#6896)
5 years ago
Matt Keeler a704ebe639
Add Namespace support to the API module and the CLI commands (#6874)
5 years ago
Matt Keeler deb91f3d3c
[Feature] API: Add a internal endpoint to query for ACL authori… (#6888)
5 years ago
Sarah Adams 78ad8203a4
Use encoding/json as JSON decoder instead of mapstructure (#6680)
5 years ago
Matt Keeler 79f78632e1
Update the ACL Resolver to allow for Consul Enterprise specific hooks. (#6687)
5 years ago
Matt Keeler e4ea9b0a96
Updates to allow for Namespacing ACL resources in Consul Enterp… (#6675)
5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620)
5 years ago
R.B. Boyer 20eefeea11
acl: a role binding rule for a role that does not exist should be ignored (#5778)
6 years ago
R.B. Boyer b4371bcccd
acl: enforce that you cannot persist tokens and roles with missing links except during replication (#5779)
6 years ago
Matt Keeler 4daa1585b0
ACL Token ID Initialization (#5307)
6 years ago
R.B. Boyer e47d7eeddb acl: adding support for kubernetes auth provider login (#5600)
6 years ago
R.B. Boyer cc1aa3f973 acl: adding Roles to Tokens (#5514)
6 years ago
R.B. Boyer 7928305279 making ACLToken.ExpirationTime a *time.Time value instead of time.Time (#5663)
6 years ago
R.B. Boyer db43fc3a20 acl: ACL Tokens can now be assigned an optional set of service identities (#5390)
6 years ago
R.B. Boyer 2144bd7fbd acl: tokens can be created with an optional expiration time (#5353)
6 years ago
Matt Keeler 90040f8bff Fixes for CVE-2019-8336
6 years ago
R.B. Boyer 324ba5df17
update TestStateStore_ACLBootstrap to not rely upon request mutation (#5335)
6 years ago
Matt Keeler d5a3ba6cda
Disregard rules when set on a management token (#5261)
6 years ago
R.B. Boyer 9211d2701d
fix comment typos (#4890)
6 years ago
Matt Keeler f9cf0eb36e Remaining ACL Unit Tests (#4852)
6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791)
6 years ago
Frank Schroeder 1acff3533e
agent: move agent/consul/structs to agent/structs
7 years ago