Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 8 of 8 for ldapActualUser (0.1 sec)

  2. github.com/minio/minio

    docs/distributed/samples/myminio-iam-info.zip 

    iam-assets/groups.json {} iam-assets/svcaccts.json {"bobfisher-svcacct-1":{"parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","accessKey":"bobfisher-svcacct-1","secretKey":"bobfisher-svcacct-1","groups":null,"claims":{"accessKey":"bobfisher-svcacct-1","ldapActualUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUser":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","ldapUsername":"bobfisher","parent":"uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io","sa-policy":"inherited-policy"},"sessionPolicy"...
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Sep 12 15:59:00 UTC 2024
    - 1.9K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/admin-handlers-idp-ldap.go 

    				}
			}
			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
			return
		}
		targetUser = lookupResult.NormDN
		opts.claims[ldapUser] = targetUser // DN
		opts.claims[ldapActualUser] = lookupResult.ActualDN

		// Check if this user or their groups have a policy applied.
		ldapPolicies, err := globalIAMSys.PolicyDBGet(targetUser, targetGroups...)
		if err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sat Sep 21 11:35:40 UTC 2024
    - 19.1K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/sts-handlers.go 

    	issClaim = "iss"

	// JWT claim to check the parent user
	parentClaim = "parent"

	// LDAP claim keys
	ldapUser       = "ldapUser"       // this is a key name for a normalized DN value
	ldapActualUser = "ldapActualUser" // this is a key name for the actual DN value
	ldapUserN      = "ldapUsername"   // this is a key name for the short/login username
	// Claim key-prefix for LDAP attributes
	ldapAttribPrefix = "ldapAttrib_"
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 01:29:20 UTC 2024
    - 33.9K bytes
    - Viewed (0)
  5. github.com/minio/minio

    cmd/ftp-server-driver.go 

    			if err != nil {
				return nil, err
			}
			claims := make(map[string]interface{})
			claims[expClaim] = UTCNow().Add(expiryDur).Unix()

			claims[ldapUser] = lookupResult.NormDN
			claims[ldapActualUser] = lookupResult.ActualDN
			claims[ldapUserN] = ctx.Sess.LoginUser()

			// Add LDAP attributes that were looked up into the claims.
			for attribKey, attribValue := range lookupResult.Attributes {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 14 17:11:51 UTC 2024
    - 14K bytes
    - Viewed (0)
  6. github.com/minio/minio

    cmd/sts-handlers_test.go 

    		claims, err := getClaimsFromTokenWithSecret(value.SessionToken, secret)
		if err != nil {
			c.Fatalf("Error getting claims from token: %v", err)
		}

		// Validate claims.
		dnClaim := claims.MapClaims[ldapActualUser].(string)
		if dnClaim != testCase.dn {
			c.Fatalf("Test %d: unexpected dn claim: %s", i+1, dnClaim)
		}
	}

	if _, err = s.adm.DetachPolicyLDAP(ctx, userReq); err != nil {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 10 23:40:37 UTC 2024
    - 97.1K bytes
    - Viewed (0)
  7. github.com/minio/minio

    cmd/iam.go 

    			}
			if err != nil {
				// skip this cred - session token seems invalid
				continue
			}

			ldapUsername, okUserN := jwtClaims.Lookup(ldapUserN)
			ldapActualDN, okDN := jwtClaims.Lookup(ldapActualUser)
			if !okUserN || !okDN {
				// skip this cred - we dont have the
				// username info needed
				continue
			}

			// Collect each new cred.ParentUser into parentUsers
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Oct 29 16:01:48 UTC 2024
    - 74.6K bytes
    - Viewed (0)
  8. github.com/minio/minio

    cmd/iam-store.go 

    			continue
		}

		subClaimValue := cred.ParentUser
		if v, ok := claims.Lookup(subClaim); ok {
			subClaimValue = v
		}
		if v, ok := claims.Lookup(ldapActualUser); ok {
			subClaimValue = v
		}

		roleArn := openid.DummyRoleARN.String()
		s, ok := claims.Lookup(roleArnClaim)
		if ok {
			roleArn = s
		}
		v, ok := res[cred.ParentUser]
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Mon Oct 14 16:35:37 UTC 2024
    - 83.2K bytes
    - Viewed (0)
  9. github.com/minio/minio

    cmd/admin-handlers-users.go 

    		if err != nil {
			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
			return
		}
		targetUser = lookupResult.NormDN
		opts.claims[ldapUser] = targetUser // username DN
		opts.claims[ldapActualUser] = lookupResult.ActualDN

		// Add LDAP attributes that were looked up into the claims.
		for attribKey, attribValue := range lookupResult.Attributes {
			opts.claims[ldapAttribPrefix+attribKey] = attribValue
		}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 03 23:11:02 UTC 2024
    - 85.1K bytes
    - Viewed (0)
Back to top