Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 8 of 8 for ldapActualUser (0.19 sec)

  1. docs/distributed/samples/myminio-iam-info.zip

    iam-assets/groups.json {} iam-assets/svcaccts.json {"bobfisher-svcacct-1":{"parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","accessKey":"bobfisher-svcacct-1","secretKey":"bobfisher-svcacct-1","groups":null,"claims":{"accessKey":"bobfisher-svcacct-1","ldapActualUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUsername":"bobfisher","parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","sa-policy":"inherited-policy"},"sessionPolicy"...
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Sep 12 15:59:00 UTC 2024
    - 1.9K bytes
    - Viewed (0)
  2. cmd/admin-handlers-idp-ldap.go

    				}
    			}
    			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
    			return
    		}
    		targetUser = lookupResult.NormDN
    		opts.claims[ldapUser] = targetUser // DN
    		opts.claims[ldapActualUser] = lookupResult.ActualDN
    
    		// Check if this user or their groups have a policy applied.
    		ldapPolicies, err := globalIAMSys.PolicyDBGet(targetUser, targetGroups...)
    		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sat Sep 21 11:35:40 UTC 2024
    - 19.1K bytes
    - Viewed (0)
  3. cmd/sts-handlers.go

    	issClaim = "iss"
    
    	// JWT claim to check the parent user
    	parentClaim = "parent"
    
    	// LDAP claim keys
    	ldapUser       = "ldapUser"       // this is a key name for a normalized DN value
    	ldapActualUser = "ldapActualUser" // this is a key name for the actual DN value
    	ldapUserN      = "ldapUsername"   // this is a key name for the short/login username
    	// Claim key-prefix for LDAP attributes
    	ldapAttribPrefix = "ldapAttrib_"
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 01:29:20 UTC 2024
    - 33.9K bytes
    - Viewed (0)
  4. cmd/ftp-server-driver.go

    			if err != nil {
    				return nil, err
    			}
    			claims := make(map[string]interface{})
    			claims[expClaim] = UTCNow().Add(expiryDur).Unix()
    
    			claims[ldapUser] = lookupResult.NormDN
    			claims[ldapActualUser] = lookupResult.ActualDN
    			claims[ldapUserN] = ctx.Sess.LoginUser()
    
    			// Add LDAP attributes that were looked up into the claims.
    			for attribKey, attribValue := range lookupResult.Attributes {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 14 17:11:51 UTC 2024
    - 14K bytes
    - Viewed (0)
  5. cmd/sts-handlers_test.go

    		claims, err := getClaimsFromTokenWithSecret(value.SessionToken, secret)
    		if err != nil {
    			c.Fatalf("Error getting claims from token: %v", err)
    		}
    
    		// Validate claims.
    		dnClaim := claims.MapClaims[ldapActualUser].(string)
    		if dnClaim != testCase.dn {
    			c.Fatalf("Test %d: unexpected dn claim: %s", i+1, dnClaim)
    		}
    	}
    
    	if _, err = s.adm.DetachPolicyLDAP(ctx, userReq); err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 10 23:40:37 UTC 2024
    - 97.1K bytes
    - Viewed (0)
  6. cmd/iam.go

    			}
    			if err != nil {
    				// skip this cred - session token seems invalid
    				continue
    			}
    
    			ldapUsername, okUserN := jwtClaims.Lookup(ldapUserN)
    			ldapActualDN, okDN := jwtClaims.Lookup(ldapActualUser)
    			if !okUserN || !okDN {
    				// skip this cred - we dont have the
    				// username info needed
    				continue
    			}
    
    			// Collect each new cred.ParentUser into parentUsers
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Oct 29 16:01:48 UTC 2024
    - 74.6K bytes
    - Viewed (0)
  7. cmd/iam-store.go

    			continue
    		}
    
    		subClaimValue := cred.ParentUser
    		if v, ok := claims.Lookup(subClaim); ok {
    			subClaimValue = v
    		}
    		if v, ok := claims.Lookup(ldapActualUser); ok {
    			subClaimValue = v
    		}
    
    		roleArn := openid.DummyRoleARN.String()
    		s, ok := claims.Lookup(roleArnClaim)
    		if ok {
    			roleArn = s
    		}
    		v, ok := res[cred.ParentUser]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Oct 14 16:35:37 UTC 2024
    - 83.2K bytes
    - Viewed (0)
  8. cmd/admin-handlers-users.go

    		if err != nil {
    			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
    			return
    		}
    		targetUser = lookupResult.NormDN
    		opts.claims[ldapUser] = targetUser // username DN
    		opts.claims[ldapActualUser] = lookupResult.ActualDN
    
    		// Add LDAP attributes that were looked up into the claims.
    		for attribKey, attribValue := range lookupResult.Attributes {
    			opts.claims[ldapAttribPrefix+attribKey] = attribValue
    		}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 03 23:11:02 UTC 2024
    - 85.1K bytes
    - Viewed (0)
Back to top