MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-25 03:56:17 -05:00
Code Issues Packages Projects Releases Wiki Activity

support ldap:username for policy substitution (#12390)

Browse Source 
LDAPusername is the simpler form of LDAPUser (userDN),
using a simpler version is convenient from policy
conditions point of view, since these are unique id's
used for LDAP login.
This commit is contained in:
Harshavardhana
2021-05-28 10:33:07 -07:00
committed by GitHub
parent fa8e3151bc
commit 4444ba13a4
6 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/bucket/policy/condition/key.go
View File

@@ -148,6 +148,7 @@ var AllSupportedKeys = append([]Key{
AWSUserID,
AWSUsername,
LDAPUser,
LDAPUsername,
// Add new supported condition keys.
}, JWTKeys...)
@@ -167,6 +168,7 @@ var CommonKeys = append([]Key{
AWSUserID,
AWSUsername,
LDAPUser,
LDAPUsername,
}, JWTKeys...)
func substFuncFromValues(values map[string][]string) func(string) string {

5
pkg/bucket/policy/condition/ldap.go
View File

@@ -18,6 +18,9 @@
package condition
const (
// LDAPUser - LDAP username, in MinIO this value is equal to your authenticating LDAP user.
// LDAPUser - LDAP user DN, in MinIO this value is equal to user DN of the authenticated user.
LDAPUser Key = "ldap:user"
// LDAPUsername - LDAP username, in MinIO is the authenticated simply user.
LDAPUsername Key = "ldap:username"
)