self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 17:53:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
3142 commits 3226 branches 4171 tags 1.3 GiB
Commit graph

314 commits

Author SHA1 Message Date
Russell Jones 6a1c045fa6 Fix issue where users would get locked out when using OTP tokens. 2017-10-11 22:56:55 +00:00
Alexey Kontsevoy e86fffd28f (web) adding CSRF protection to OIDC and SAML callbacks 2017-10-06 16:19:05 -04:00
Russell Jones a0777239b1 By default, no rules. 2017-09-14 13:25:28 -07:00
Russell Jones 0354833211 Additional cleanup (added error messages). 2017-09-14 10:59:25 -07:00
Russell Jones ff63e664de Refactored Trusted Cluster creation/update. 2017-09-12 18:44:49 -07:00
Russell Jones 028eb12aae Remove VerbConnect. 2017-09-12 15:18:45 -07:00
Ev Kontsevoy 3533903c0e Lots of documentation edits. 
Minor code changes too (only comments)
 2017-09-11 20:27:42 -07:00
Ev Kontsevoy 5f62b88109 OSS handling of trusted clusters 2017-09-10 15:55:24 -07:00
Russell Jones 1438e40de0 Always include second factor in authentication settings for fallback 
login and only call CheckAndSetDefaults on the metadata when
unmarshaling a SAML connector.
 2017-09-08 23:58:08 +00:00
Russell Jones f9ad90f705 Add root to the list of logins for an Enterprise role. 2017-09-07 17:56:11 -07:00
Russell Jones 294f835a9e Added VerbReadNoSecrets. 2017-09-07 17:00:36 -07:00
Alexey Kontsevoy 88b363ebdd addressing CR comments 2017-09-07 12:24:04 -04:00
Alexey Kontsevoy f6b30ca666 Merge branch 'master' of github.com:gravitational/teleport into features 2017-09-07 11:08:07 -04:00
Alexey Kontsevoy 9fa799aa70 add default namespace value to V3 role spec deny section 2017-09-07 11:08:00 -04:00
Russell Jones f89f18fbf7 Remove allowed logins and labels from implicit role. 2017-09-06 19:57:20 +00:00
Ev Kontsevoy 259af1ae34 Better error message and structured RBAC logging 
RBAC log messages (internal Teleport log) are now prefixed with [RBAC]
 2017-09-05 21:02:06 -07:00
Russell Jones e9ae5a1e27 Renamed default role to admin role. 2017-09-05 12:23:07 -07:00
Russell Jones c1f92ba3a7 Remove ReadSecrets and replace with ReadUpdate. 2017-09-05 11:34:55 -07:00
Ev Kontsevoy a7db6d7ca6 tctl changes (polish for 2.3) 
This commit refs #1137

- tctl get user/joe now works (as reported in #1247)
- tctl create/rm roles changes
- added synonyms for various resources
- made YAML the default output for tctl get
- added better help + examples for tctl get
- edited error messages
- minor refactoring
- added the system of "command plugins" which allows enterprise version
  of tctl to introduce different behavior to OSS commands
 2017-09-03 19:23:57 -07:00
Sasha Klizhentas dbd3fd85c3 update comment 2017-08-31 18:03:12 -07:00
Sasha Klizhentas 8137ef75d4 add raw object setter 2017-08-31 18:00:32 -07:00
Sasha Klizhentas 48f49aaa26 interface refactoring 2017-08-31 15:08:06 -07:00
Russell Jones 64d1fc9a9d Updated SetClusterName to call CreateVal on the backend instead of 
UpsertVal. This way the ClusterName can only be set once.
 2017-08-31 11:24:55 -07:00
Russell Jones 55a9553a22 Added KindAuthConnector resource that gives access to KindOIDC and 
KindSAML.
 2017-08-30 20:23:03 +00:00
Russell Jones c543067001 Removed namespaces and expires from user interface. 2017-08-30 18:11:13 +00:00
Sasha Klizhentas d182d1bcc8 switch from client-go to apimachinery release-1.7 2017-08-28 18:25:39 -07:00
Sasha Klizhentas 1537fa2254 Merge branch 'master' into sasha/where2 2017-08-27 13:14:27 -07:00
Russell Jones 444d62ef8c Session access controls. 2017-08-26 00:55:20 +00:00
Sasha Klizhentas 699d1ada3d fix error message 2017-08-25 12:51:33 -07:00
Sasha Klizhentas 2a60416bf0 tweak log action 2017-08-25 11:29:33 -07:00
Sasha Klizhentas 1be9f01452 interface updates 2017-08-25 11:06:01 -07:00
Sasha Klizhentas d7e5f7f4f6 add tests 2017-08-25 10:51:49 -07:00
Sasha Klizhentas 1fded0886a scaffolding for rules matchers 2017-08-24 20:24:47 -07:00
Sasha Klizhentas 0c77c5c0e9 refactor internal rule representation 2017-08-23 19:08:56 -07:00
Sasha Klizhentas 8b81a0c384 Migrate to golang/dep for dependency management 
Update following packages:

* Replace Sirupsen/log with sirupsen/log everywhere
* Update etcd client to 3.2.4
* Update docker/term to moby/term
* Update kr/pty to v1.0.0 release
* Update K8s client to 2.0
 2017-08-22 15:30:30 -07:00
Russell Jones 8838a419af Added support for role rules. 2017-08-21 10:53:50 -07:00
Russell Jones 4719c4bdfa Allow enable or disable of a TrustedCluster without performing the 
exchange again.
 2017-08-18 20:14:42 +00:00
Russell Jones 865000d6fe Reintroduced --auth flag to tsh. 2017-08-09 17:24:54 -07:00
Russell Jones b4c805fe23 Re-factored cluster configuration. 2017-08-07 17:20:16 -07:00
Russell Jones 64d743fc5d Added support for default roles. 2017-08-01 00:54:05 +00:00
Russell Jones b324616208 Added support for role variables. 2017-07-24 22:06:07 +00:00
Russell Jones a77d560064 Updated logs and checked rule names. 2017-07-18 11:24:59 -07:00
Russell Jones 926456628d Added more test coverage for RoleV3. 2017-07-18 11:20:49 -07:00
Russell Jones f5787ca40f Minor RoleV3 cleanup. 2017-07-18 11:20:49 -07:00
Russell Jones 8a6d8d5d33 Added RoleV2 -> RoleV3 migration. 2017-07-18 11:20:49 -07:00
Russell Jones 1e76d20fa3 Updated RoleV3 format to support resources to enable backward compatibility 
with RoleV2.
 2017-07-18 11:20:49 -07:00
Russell Jones 9348490be2 Code review comments on RoleV3. 2017-07-18 11:20:49 -07:00
Russell Jones 226405fba6 Moved MaxSessionTTL into RoleOptions. 2017-07-18 11:20:49 -07:00
Russell Jones 6299d349c1 Introduced and migrated to RoleV3. 2017-07-18 11:20:48 -07:00
Russell Jones 2286c6593d Remote clusters should only send their own CAs. 2017-06-27 11:55:59 -07:00