taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity
nats.docs/nats-server/configuration/securing_nats/auth_intro/username_password.md
Phil Pennock 28f7c2f1b4 Multiple typo and bug fixes 
* Typos in prose
* Typo fix in copy/paste (dropped a letter)
* markup fix: keep list within quoted text
* Auto-corrupt cleanup: Jason to JSON
* gateway: multiple typos and language nits
* monitoring: add missing leafz, fix subsz spelling
2019-12-19 11:54:24 -05:00

1.2 KiB
Raw Blame History

Username/Password

You can authenticate one or more clients using username and passwords; this enables you to have greater control over the management and issuance of credential secrets.

For a single user:

authorization: {
    user: a,
    password: b
}

You can also specify a single username/password by:

> nats-server --user a --pass b

For multiple users:

authorization: {
    users: [
        {user: a, password: b},
        {user: b, password: a}
    ]
}

Bcrypted Passwords

Username/password also supports bcrypted passwords using the mkpasswd tool. Simply replace the clear text password with the bcrypted entries:

> mkpasswd
pass: (Uffs#rG42PAu#Oxi^BNng
bcrypt hash: $2a$11$V1qrpBt8/SLfEBr4NJq4T.2mg8chx8.MTblUiTBOLV3MKDeAy.f7u

And on the configuration file:

authorization: {
    users: [
        {user: a, password: "$2a$11$V1qrpBt8/SLfEBr4NJq4T.2mg8chx8.MTblUiTBOLV3MKDeAy.f7u"},
        ...    
    ]
}

Reloading a Configuration

As you add/remove passwords from the server configuration file, you'll want your changes to take effect. To reload without restarting the server and disconnecting clients, do:

> nats-server --signal reload