Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
(SERVER-763) Read client auth info from tk-authz when configured #709
This commit changes the Ruby request handler to read client
This won't pass Travis CI yet and isn't yet ready to merge because it depends upon a snapshot version of
Depending upon how long it takes for PR reviews to take place, I may add some additional docs-related commits with some updates to the language related to the
This commit changes the Ruby request handler to read client authentication info from trapperkeeper-authorization when tk-authz is enabled via the `use-legacy-auth-conf: false` setting. Support for the pre-existing method of getting this info - via X-Client headers or an SSL certificate, depending upon how the `master.allow-header-cert-info` setting is configured - is preserved in the case that no information can be derived from tk-authz. tk-authz is presumed to provide client authentication info via an `authorization` map within the Ring request map.
This commit contains some updates to the `configuration.markdown` and `external_ssl_termination.markdown` docs. The updates pertain to new / deprecated settings in Puppet Server per the integration of support for trapperkeeper-authorization.