Merge branch 'master' into pdp/jwt

2025-01-18 04:03:23 -08:00 · 2021-03-22 10:58:03 -05:00 · 2021-03-22 10:58:03 -05:00 · 86a444d009
commit 86a444d009
parent db6611639b 8932aeb438
6 changed files with 12 additions and 10 deletions
--- a/SUMMARY.md
+++ b/SUMMARY.md
@ -65,7 +65,7 @@
  * [Explore NATS Request/Reply](developing-with-nats/tutorials/reqreply.md)
  * [Explore NATS Queueing](developing-with-nats/tutorials/queues.md)
  * [Advanced Connect and Custom Dialer in Go](developing-with-nats/tutorials/custom_dialer.md)
-  * [In Depth JWT guide](developing-with-nats/tutorials/jwt.md)
+  * [In Depth JWT Guide](developing-with-nats/tutorials/jwt.md)

 ## NATS Server

--- a/developing-with-nats/tutorials/README.md
+++ b/developing-with-nats/tutorials/README.md
@ -6,5 +6,5 @@ Tutorials are provided to give guidance on commonly used aspects of NATS.
 * [Explore NATS Request/Reply](reqreply.md)
 * [Explore NATS Queueing](queues.md)
 * [Advanced Connect and Custom Dialer in Go](custom_dialer.md)
-* [In depth JWT guide](jwt.md)
+* [In Depth JWT Guide](jwt.md)

--- a/developing-with-nats/tutorials/jwt.md
+++ b/developing-with-nats/tutorials/jwt.md
@ -1,4 +1,4 @@
-# In Depth JWT guide
+# In Depth JWT Guide

 This document provides a step by step deep dive into JWT usage within NATS. Starting with related concepts, it will introduce JWTs and how they can be used in NATS. This will NOT list every JWT/nsc option, but will focus on the important options and concepts.

@ -489,12 +489,12 @@ resolver: URL(http://localhost:9090/jwt/v1/accouts/)
 7. Server verifies if an account JWT issuer is in configured list of trusted operator keys \(derived from operator JWT in configuration\).
 8. Server verifies that a user JWT subject is not in the account's revoked list, or if jwt.issuedAt field has a higher value.
 9. Server verifies that a user JWT issuer is either identical to the account JWT subject or part of the account JWT signing keys.
-10. If all of the above holds true, the connection is authenticated; however, attributes in the User JWT (permissions and limits) might still block authorization.
+10. If all of the above holds true, the above invocation will succeed, only if the user JWT does not contain permissions or limits restricting the operation otherwise.

    ```text
-    > nats -s localhost:4222 "--creds=user.creds" pub "foo" "hello world"
-    16:56:02 Published 11 bytes to "foo"
-    >
+
+    > nats -s localhost:4222 "--creds=user.creds" pub "foo" "hello world" 
+    > 16:56:02 Published 11 bytes to "foo"
    ```

 11. Output if `user.creds` were to contain a JWT where the maximum message payload is limited to 5 bytes
--- a/jetstream/monitoring.md
+++ b/jetstream/monitoring.md
@ -2,11 +2,11 @@

 ## Server Metrics

-Typically, NATS is monitored via HTTP endpoints like `/varz`, we do not at this moment have a JetStream equivelant, but it's planned that server and account level metrics will be made available.
+JetStream has a /[jsz ](../nats-server/configuration/monitoring.md#jetstream-information)HTTP endpoint and advisories available.

 ## Advisories

-JetStream publish a number of advisories that can inform operations about health and state of the Streams. These advisories are published to normal NATS subjects below `$JS.EVENT.ADVISORY.>` and one can store these advisories in JetStream Streams if desired.
+JetStream publishes a number of advisories that can inform operations about the health and the state of the Streams. These advisories are published to normal NATS subjects below `$JS.EVENT.ADVISORY.>` and one can store these advisories in JetStream Streams if desired.

 The command `nats event --js-advisory` can view all these events on your console. The Golang package [jsm.go](https://github.com/nats-io/jsm.go) can consume and render these events and have data types for each of these events.

--- a/nats-server/configuration/monitoring.md
+++ b/nats-server/configuration/monitoring.md
@ -528,7 +528,7 @@ The `/accountz` endpoint reports information on a server's active accounts. The

 **Endpoint:** `http://server:port/accountz`

-| Result | Return Code  |
+| Result | Return Code |
 | :--- | :--- |
 | Success | 200 \(OK\) |
 | Error | 400 \(Bad Request\) |
--- a/nats-tools/nsc/README.md
+++ b/nats-tools/nsc/README.md
@ -40,6 +40,8 @@ nsc/
 5 directories, 1 file
 ```

+**IMPORTANT**: `nsc` version 2.2.0 has been released. This version of nsc only supports `nats-server` v2.2.0 and `nats-account-server` v1.0.0. For more information please refer to the [nsc 2.2.0 release notes](https://github.com/nats-io/nsc/releases/tag/2.2.0).
+
 ## Tutorials

 You can find various task-oriented tutorials to working with the tool here: