nats-server

mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-15 18:50:41 -07:00

Author	SHA1	Message	Date
Ivan Kozlovic	7ad4498a09	Gateways: Remove unused permissions options Permissions were configured but not implemented. Removing for now. Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2019-01-10 09:49:36 -07:00
Derek Collison	7978d8e667	Support for mapping user from TLS client certificate Signed-off-by: Derek Collison <derek@nats.io>	2018-12-20 07:51:43 -08:00
Derek Collison	bb97ae7b6f	Allow normal base64 sig for bare nkeys too Signed-off-by: Derek Collison <derek@nats.io>	2018-12-07 22:52:16 -08:00
Derek Collison	4a0a0d2d7a	Allow normal base64 sig as well Signed-off-by: Derek Collison <derek@nats.io>	2018-12-07 16:17:09 -08:00
R.I.Pienaar	08eafd89f8	Expose the connection remote address to CustomClientAuthentication This adds a RemoteAddress() method to the ClientAuthentication interface which would facilitate CustomClientAuthentication mechanisms considering the remote IP address of the client in their decisions to allow clients or not Resolves #832 Signed-off-by: R.I.Pienaar <rip@devco.net>	2018-12-06 09:04:56 +01:00
Derek Collison	2d54fc3ee7	Account lookup failures, account and client limits, options reload. Changed account lookup and validation failures to be more understandable by users. Changed limits to be -1 for unlimited to match jwt pkg. The limits changed exposed problems with options holding real objects causing issues with reload tests under race mode. Longer term this code should be reworked such that options only hold config data, not real structs, etc. Signed-off-by: Derek Collison <derek@nats.io>	2018-12-05 14:25:40 -08:00
Derek Collison	f4f3d3baf1	Updates for operator based configurations. Added update to parse and load operator JWTs. Changed to add in signing keys from operator JWT to list of trusted keys. Added URL account resolver. Added account claim updates by system messages. Signed-off-by: Derek Collison <derek@nats.io>	2018-12-02 20:34:33 -08:00
Derek Collison	e2ce2c0cff	Change to RawURLEncoding Signed-off-by: Derek Collison <derek@nats.io>	2018-11-29 17:04:58 -08:00
Derek Collison	574fd62e01	Allow servers to send and receive messages directly Signed-off-by: Derek Collison <derek@nats.io>	2018-11-29 12:15:08 -08:00
Ivan Kozlovic	10fd3ca0c6	Gateways [WIP] Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2018-11-27 19:00:03 -07:00
Derek Collison	a2e310ffc1	Vendor jwt, fixes for nkey, jwt changes Signed-off-by: Derek Collison <derek@nats.io>	2018-11-21 19:22:04 -08:00
Derek Collison	0ee714ce28	Add JWT support for users, accounts and import activations. Add in trusted keys options and binary stamp User JWT and Account fetch with AccountResolver Account and User expiration Account Imports/Exports w/ updates Import activation expiration Signed-off-by: Derek Collison <derek@nats.io>	2018-11-21 10:36:32 -08:00
Derek Collison	5077025801	Make assiging global account consistent Signed-off-by: Derek Collison <derek@nats.io>	2018-11-07 09:52:29 -08:00
Derek Collison	ea5a6d9589	Updates for comments, some golint fixes Signed-off-by: Derek Collison <derek@nats.io>	2018-10-31 20:28:44 -07:00
Derek Collison	47963303f8	First pass at new cluster design Signed-off-by: Derek Collison <derek@nats.io>	2018-10-24 21:29:29 -07:00
Ivan Kozlovic	9a1cb08394	Updates based on comments Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2018-10-24 11:05:14 -06:00
Ivan Kozlovic	d35bb56d11	Added support for Accounts reload Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2018-10-23 14:58:53 -06:00
Derek Collison	0d1d51a3bb	Support for global/reserved accounts Signed-off-by: Derek Collison <derek@nats.io>	2018-10-04 12:12:34 -07:00
Derek Collison	e78828ce4c	Changed name to better pruning vs prune running Signed-off-by: Derek Collison <derek@nats.io>	2018-10-03 08:38:24 -07:00
Derek Collison	069732c768	Add max and ttl for reponse maps Signed-off-by: Derek Collison <derek@nats.io>	2018-10-02 14:14:10 -07:00
Derek Collison	14cdda8cd4	Updates from comments Signed-off-by: Derek Collison <derek@nats.io>	2018-09-30 09:36:32 -07:00
Derek Collison	9f8330bcc9	Added import and export parsing for configs Signed-off-by: Derek Collison <derek@nats.io>	2018-09-29 13:04:19 +02:00
Derek Collison	ae21fa22b7	API changes to match config for account mappings Signed-off-by: Derek Collison <derek@nats.io>	2018-09-29 13:04:19 +02:00
Derek Collison	f6cb706c68	First pass req/reply across accounts Signed-off-by: Derek Collison <derek@nats.io>	2018-09-29 13:04:19 +02:00
Derek Collison	620e1d7364	Basic account mapping via import and export Signed-off-by: Derek Collison <derek@nats.io>	2018-09-29 13:04:19 +02:00
Derek Collison	1cbfbfa071	Basic account support Signed-off-by: Derek Collison <derek@nats.io>	2018-09-29 13:04:19 +02:00
Derek Collison	16c0f5b7f4	Update for nkey changes Signed-off-by: Derek Collison <derek@nats.io>	2018-09-13 11:41:28 -07:00
Ivan Kozlovic	846544ecfe	Merge pull request #747 from nats-io/update_route_perms [CHANGED] Cluster permissions moved out of cluster's authorization	2018-09-11 10:04:13 -06:00
Ivan Kozlovic	e1202dd30a	[CHANGED] Cluster permissions moved out of cluster's authorization It will be possible to set subjects permissions regardless of the presence of an authorization block. Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2018-09-10 17:03:50 -06:00
Derek Collison	129866bb76	Make warning style Signed-off-by: Derek Collison <derek@nats.io>	2018-09-10 15:32:26 -07:00
Derek Collison	fff62d5bf7	Warn on plaintext passwords in config and redact from logs Signed-off-by: Derek Collison <derek@nats.io>	2018-09-10 15:29:42 -07:00
Derek Collison	3d2cb0e7d1	Basic nkey support and nonce handling Signed-off-by: Derek Collison <derek@nats.io>	2018-09-10 15:29:42 -07:00
Derek Collison	4b7cca2f5e	Report route filtering on source server Signed-off-by: Derek Collison <derek@nats.io>	2018-09-05 11:55:15 -07:00
Derek Collison	5955f22d65	Add in route permission support Signed-off-by: Derek Collison <derek@nats.io>	2018-08-23 14:42:43 -07:00
Derek Collison	65188f9768	Added parser for new style authorizations Signed-off-by: Derek Collison <derek@nats.io>	2018-08-22 20:41:48 -07:00
Ivan Kozlovic	bf3bc81722	Add route permissions The `client.perms` struct is left unchanged. We simply map Import and Export semantics to existing Publish and Subscribe ones. Signed-off-by: Ivan Kozlovic <ivan@synadia.com>	2018-06-21 17:04:10 -06:00
Derek Collison	6299e034cb	dynamic buffer updates Signed-off-by: Derek Collison <derek@nats.io>	2018-06-04 17:45:05 -07:00
Derek Collison	4dd4d2bd9d	lock users access Signed-off-by: Derek Collison <derek@nats.io>	2018-06-04 17:45:05 -07:00
Derek Collison	d3213df7f1	Fix data race Signed-off-by: Derek Collison <derek@nats.io>	2018-06-04 17:45:05 -07:00
Derek Collison	00901acc78	Update license to Apache 2	2018-03-15 22:31:07 -07:00
Christophe de Vienne	2b7cb173ff	Set info.AuthRequired when CustomClientAuthentication is defined	2017-09-08 10:56:21 +02:00
Christophe de Vienne	e556854f54	Rename CustomAuth to CustomAuthentication Simplify and complete tests based on Ivan advice.	2017-09-08 10:54:20 +02:00
Christophe de Vienne	b473674907	Add back custom Auth api The removal of SetClientAuthMethod removed any possibility of providing a custom auth backend. This patch add it back as a Option attribute, so we can wait comfortably for #434, which aims to provide more extensible external Auth.	2017-09-07 17:39:34 +02:00
Tyler Treat	84c8c511e4	Pass auth check if cluster username is not set	2017-06-19 14:18:08 -05:00
Tyler Treat	1e964e4aab	Address CR feedback	2017-06-14 16:48:11 -05:00
Tyler Treat	77a973fc8d	Send error when we drop a client subscription	2017-06-14 12:08:44 -05:00
Tyler Treat	4675603b60	Remove impossible branch logic	2017-06-13 16:23:07 -05:00
Tyler Treat	44966230db	Handle permissions changes on config reload	2017-06-13 16:04:38 -05:00
Tyler Treat	fa12181094	Add support for reloading users credentials	2017-06-12 13:17:30 -05:00
Tyler Treat	9ba55f0f21	Add support for reloading single-user and token authentication	2017-06-12 11:52:11 -05:00

1 2

58 Commits