taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity

updating docs

Browse Source
This commit is contained in:
ainsley
2019-05-29 11:47:21 -05:00
parent 0f32311e3a
commit d35e3cb277
151 changed files with 5644 additions and 658 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
docs/nats_server/authorization.html
View File

@@ -1044,9 +1044,9 @@
</li>
<li class="chapter " data-level="4.5.1.2.5" data-path="jwt_auth.html">
<li class="chapter " data-level="4.5.1.2.5" data-path="accounts.html">
<a href="jwt_auth.html">
<a href="accounts.html">
Accounts
@@ -1057,7 +1057,20 @@
</li>
<li class="chapter " data-level="4.5.1.2.6" data-path="auth_timeout.html">
<li class="chapter " data-level="4.5.1.2.6" data-path="jwt_auth.html">
<a href="jwt_auth.html">
JWTs
</a>
</li>
<li class="chapter " data-level="4.5.1.2.7" data-path="auth_timeout.html">
<a href="auth_timeout.html">
@@ -2332,7 +2345,7 @@
</tr>
</tbody>
</table>
<p><strong>Important Note</strong> NATS Authorizations are whitelist only, meaning to not break request/reply patterns you need to add rules as above with Alice and Bob for the <code>_INBOX.&gt;</code> pattern. If an unauthorized client publishes or attempts to subscribe to a subject that has not been whitelisted, the action fails and is logged at the server, and an error message is returned to the client.</p>
<p><strong>Important Note</strong> NATS Authorizations can be <em>allow lists</em>, <em>deny lists</em>, or both. It is important to not break request/reply patterns. In some cases (as shown below) you need to add rules as above with Alice and Bob for the <code>_INBOX.&gt;</code> pattern. If an unauthorized client publishes or attempts to subscribe to a subject that has not been <em>allow listed</em>, the action fails and is logged at the server, and an error message is returned to the client.</p>
<h3 id="example"><a name="example" class="plugin-anchor" href="#example"><i class="fa fa-link" aria-hidden="true"></i></a>Example</h3>
<p>Here is an example authorization configuration that uses <em>variables</em> which defines four users, three of whom are assigned explicit permissions.</p>
<pre class="language-"><code class="lang-ascii">authorization {
@@ -2374,7 +2387,7 @@
</li>
</ul>
<blockquote>
<p>Note that in the above example, any client with permissions to subscribe to <code>_INBOX.&gt;</code> can receive <em>all</em> responses published. More sensitive installations will want to add or subset the prefix to further limit subjects that a client can subscribe. Alternatively, <a href="jwt_auth.html"><em>Accounts</em></a> allow complete isolation limiting what members of an account can see.</p>
<p>Note that in the above example, any client with permissions to subscribe to <code>_INBOX.&gt;</code> can receive <em>all</em> responses published. More sensitive installations will want to add or subset the prefix to further limit subjects that a client can subscribe. Alternatively, <a href="accounts.html"><em>Accounts</em></a> allow complete isolation limiting what members of an account can see.</p>
</blockquote>
@@ -2419,7 +2432,7 @@
<script>
var gitbook = gitbook || [];
gitbook.push(function() {
gitbook.page.hasChanged({"page":{"title":"Authorization","level":"4.5.1.3","depth":3,"next":{"title":"Clustering","level":"4.5.2","depth":2,"path":"nats_server/clustering.md","ref":"nats_server/clustering.md","articles":[{"title":"Configuration","level":"4.5.2.1","depth":3,"path":"nats_server/cluster_config.md","ref":"nats_server/cluster_config.md","articles":[]},{"title":"TLS Authentication","level":"4.5.2.2","depth":3,"path":"nats_server/cluster_tls.md","ref":"nats_server/cluster_tls.md","articles":[]}]},"previous":{"title":"Authentication Timeout","level":"4.5.1.2.6","depth":4,"path":"nats_server/auth_timeout.md","ref":"nats_server/auth_timeout.md","articles":[]},"dir":"ltr"},"config":{"plugins":["prism","-highlight","include-html","toggle-chapters","anchors"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"prism":{"lang":{"ascii":"markup","text":"markup"}},"search":{},"lunr":{"maxIndexSize":1000000,"ignoreSpecialCharacters":false},"include-html":{},"fontsettings":{"theme":"white","family":"sans","size":2},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"anchors":{},"toggle-chapters":{}},"theme":"default","author":"The NATS Maintainers","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"NATS","gitbook":"*","description":"Administrative, developer and conceptual documentation for the NATS messaging system."},"file":{"path":"nats_server/authorization.md","mtime":"2019-05-22T19:29:21.312Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2019-05-24T21:09:44.530Z"},"basePath":"..","book":{"language":""}});
gitbook.page.hasChanged({"page":{"title":"Authorization","level":"4.5.1.3","depth":3,"next":{"title":"Clustering","level":"4.5.2","depth":2,"path":"nats_server/clustering.md","ref":"nats_server/clustering.md","articles":[{"title":"Configuration","level":"4.5.2.1","depth":3,"path":"nats_server/cluster_config.md","ref":"nats_server/cluster_config.md","articles":[]},{"title":"TLS Authentication","level":"4.5.2.2","depth":3,"path":"nats_server/cluster_tls.md","ref":"nats_server/cluster_tls.md","articles":[]}]},"previous":{"title":"Authentication Timeout","level":"4.5.1.2.7","depth":4,"path":"nats_server/auth_timeout.md","ref":"nats_server/auth_timeout.md","articles":[]},"dir":"ltr"},"config":{"plugins":["prism","-highlight","include-html","toggle-chapters","anchors"],"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"pluginsConfig":{"prism":{"lang":{"ascii":"markup","text":"markup"}},"search":{},"lunr":{"maxIndexSize":1000000,"ignoreSpecialCharacters":false},"include-html":{},"fontsettings":{"theme":"white","family":"sans","size":2},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"theme-default":{"styles":{"website":"styles/website.css","pdf":"styles/pdf.css","epub":"styles/epub.css","mobi":"styles/mobi.css","ebook":"styles/ebook.css","print":"styles/print.css"},"showLevel":false},"anchors":{},"toggle-chapters":{}},"theme":"default","author":"The NATS Maintainers","pdf":{"pageNumbers":true,"fontSize":12,"fontFamily":"Arial","paperSize":"a4","chapterMark":"pagebreak","pageBreaksBefore":"/","margin":{"right":62,"left":62,"top":56,"bottom":56}},"structure":{"langs":"LANGS.md","readme":"README.md","glossary":"GLOSSARY.md","summary":"SUMMARY.md"},"variables":{},"title":"NATS","gitbook":"*","description":"Administrative, developer and conceptual documentation for the NATS messaging system."},"file":{"path":"nats_server/authorization.md","mtime":"2019-05-29T16:43:54.847Z","type":"markdown"},"gitbook":{"version":"3.2.3","time":"2019-05-29T16:45:48.381Z"},"basePath":"..","book":{"language":""}});
});
</script>
</div>