Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get LDAP identity for console access/secret keys #398

Merged
merged 1 commit into from
Nov 20, 2020
Merged

Get LDAP identity for console access/secret keys #398

merged 1 commit into from
Nov 20, 2020

Conversation

Alevsk
Copy link
Contributor

@Alevsk Alevsk commented Nov 18, 2020
edited
Loading

If MinIO is configured with LDAP then users and groups are external, and
the credentials provided in the CONSOLE_ACCESS_KEY and
CONSOLE_SECRET_KEY env vars will belong to an existing user in the active
directory, therefore we need to authenticate first with
credentials.NewLDAPIdentity

@Alevsk Alevsk self-assigned this Nov 18, 2020
@Alevsk Alevsk added the WIP This PR is WIP and cannot be merged yet label Nov 18, 2020
@Alevsk Alevsk changed the title Get LDAP identity for console access/secret keys [WIP] Get LDAP identity for console access/secret keys Nov 18, 2020
@Alevsk Alevsk removed the WIP This PR is WIP and cannot be merged yet label Nov 18, 2020
@Alevsk Alevsk changed the title [WIP] Get LDAP identity for console access/secret keys Get LDAP identity for console access/secret keys Nov 18, 2020
bexsoft
bexsoft previously approved these changes Nov 18, 2020
View reviewed changes
harshavardhana
harshavardhana previously approved these changes Nov 18, 2020
View reviewed changes
@Alevsk Alevsk added the blocked label Nov 19, 2020
@Alevsk Alevsk changed the title Get LDAP identity for console access/secret keys [BLOCKED] Get LDAP identity for console access/secret keys Nov 19, 2020
@Alevsk Alevsk dismissed stale reviews from harshavardhana and bexsoft via eda14de November 19, 2020 05:50
@Alevsk Alevsk force-pushed the ldap-admin branch 3 times, most recently from c042585 to 71e1a8a Compare November 20, 2020 02:58
@Alevsk Alevsk mentioned this pull request Nov 20, 2020
Closed
@Alevsk Alevsk linked an issue Nov 20, 2020 that may be closed by this pull request
certs/CAs certificates are not loaded if TLS is not enabled for Console #417
Closed
@Alevsk
Get LDAP identity for console access/secret keys
eda625f 
- If MinIO is configured with LDAP then users and groups are external, and
  the credentials provided in the CONSOLE_ACCESS_KEY and
  CONSOLE_SECRET_KEY env vars will belong to an existing user in the active
  directory, therefore we need to authenticate first with
  `credentials.NewLDAPIdentity`
- Fixed race condition bug in which TLS RootCAs certs were not loading
  correctly (certPool was always null)
- Fixed TLS bug in which if Console was deployed without TLS enabled
  RootCAs certs were not loading
- Initialize LDAP Admin credentials once
- Initialize stsClient once
@Alevsk Alevsk changed the title [BLOCKED] Get LDAP identity for console access/secret keys Get LDAP identity for console access/secret keys Nov 20, 2020
@Alevsk Alevsk removed the blocked label Nov 20, 2020
cesnietor
cesnietor approved these changes Nov 20, 2020
View reviewed changes
Copy link
Collaborator

@cesnietor cesnietor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dvaldivia dvaldivia merged commit 7a23582 into minio:master Nov 20, 2020
@Alevsk Alevsk deleted the ldap-admin branch November 20, 2020 20:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@harshavardhana harshavardhana harshavardhana approved these changes

@cesnietor cesnietor cesnietor approved these changes

@dvaldivia dvaldivia dvaldivia approved these changes

@bexsoft bexsoft Awaiting requested review from bexsoft

Assignees

@Alevsk Alevsk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

certs/CAs certificates are not loaded if TLS is not enabled for Console
5 participants
@Alevsk @harshavardhana @cesnietor @dvaldivia @bexsoft