mirror of
https://github.com/gogrlx/nats-server.git
synced 2026-04-17 03:24:40 -07:00
69525f3083
Check for a no_auth_user should be done only when no authentication at all is provided by the user. This was not the case. For instance, if the user provided a token, the server would still check for no_auth_user if users are defined. It was not really an issue since the admin cannot configure users AND token, but it is better for the application to fail if providing a token that is actually not being used. If the admin configures a no_auth_user, this should be used only when no authentication is provided. Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
7.7 KiB
7.7 KiB