Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 15 of 15 for IsTemp (0.04 sec)

  2. github.com/minio/minio

    cmd/iam-etcd-store.go 

    		return nil
	}
	if u.Credentials.AccessKey == "" {
		u.Credentials.AccessKey = user
	}
	if u.Credentials.SessionToken != "" {
		jwtClaims, err := extractJWTClaims(u)
		if err != nil {
			if u.Credentials.IsTemp() {
				// We should delete such that the client can re-request
				// for the expiring credentials.
				deleteKeyEtcd(ctx, ies.client, getUserIdentityPath(user, userType))
    Registered: Sun Dec 28 19:28:13 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 13.9K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/admin-handlers-idp-ldap.go 

    	// account or STS account):
	requestorUser := cred.AccessKey
	requestorParentUser := cred.AccessKey
	requestorGroups := cred.Groups
	requestorIsDerivedCredential := false
	if cred.IsServiceAccount() || cred.IsTemp() {
		requestorParentUser = cred.ParentUser
		requestorIsDerivedCredential = true
	}

	// Check if we are creating svc account for request sender.
    Registered: Sun Dec 28 19:28:13 UTC 2025
    - Last Modified: Fri Aug 08 02:46:04 UTC 2025
    - 19.2K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/iam-object-store.go 

    	}

	if u.Credentials.AccessKey == "" {
		u.Credentials.AccessKey = user
	}

	if u.Credentials.SessionToken != "" {
		jwtClaims, err := extractJWTClaims(u)
		if err != nil {
			if u.Credentials.IsTemp() {
				// We should delete such that the client can re-request
				// for the expiring credentials.
				iamOS.deleteIAMConfig(ctx, getUserIdentityPath(user, userType))
    Registered: Sun Dec 28 19:28:13 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 26.6K bytes
    - Viewed (0)
  5. github.com/minio/minio

    cmd/sts-handlers.go 

    	if s3Err != ErrNone {
		return auth.Credentials{}, s3Err
	}

	// Temporary credentials or Service accounts cannot generate further temporary credentials.
	if user.IsTemp() || user.IsServiceAccount() {
		return auth.Credentials{}, ErrAccessDenied
	}

	// Session tokens are not allowed in STS AssumeRole requests.
	if getSessionToken(r) != "" {
    Registered: Sun Dec 28 19:28:13 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 36.6K bytes
    - Viewed (0)
  6. github.com/minio/minio

    cmd/site-replication.go 

    				replLogOnceIf(ctx,
					fmt.Errorf("Unable to heal service account from peer site %s -> %s : %w", latestPeerName, peerName, err),
					fmt.Sprintf("heal-user-%s", user))
			}
			continue
		}
		if creds.IsTemp() && !creds.IsExpired() {
			var parentPolicy string
			u, err := globalIAMSys.GetUserInfo(ctx, creds.ParentUser)
			if err != nil {
				// Parent may be "virtual" (for ldap, oidc, client tls auth,
    Registered: Sun Dec 28 19:28:13 UTC 2025
    - Last Modified: Sun Sep 28 20:59:21 UTC 2025
    - 184.8K bytes
    - Viewed (1)
Back to top