Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | No need to concatenate hard-coded lists...bug26393 | Jean-Sebastien Pedron | 2014-12-10 | 2 | -4/+4 |
| | |||||
* | Now that empty keys are dropped, we can always add ssl_* keys | Jean-Sebastien Pedron | 2014-12-10 | 1 | -11/+1 |
| | | | | | If the connection isn't over SSL, ssl_* keys will be empty and dropped anyway. | ||||
* | Filter out auth notification properties with no value | Jean-Sebastien Pedron | 2014-12-03 | 2 | -2/+2 |
| | |||||
* | Style fix: Use ++ to construct EventProps, not multiple temporary variables | Jean-Sebastien Pedron | 2014-12-03 | 2 | -25/+17 |
| | |||||
* | Pass "extra properties" to notify_auth_result/{3,4} instead of a message | Jean-Sebastien Pedron | 2014-12-02 | 2 | -15/+12 |
| | | | | | This avoids to passs an empty message in the case of successful authentication. | ||||
* | Only include ssl/certificate informations when the connection is over SSL | Jean-Sebastien Pedron | 2014-12-02 | 1 | -6/+17 |
| | | | | This gives lighter notifications for plain TCP connections. | ||||
* | Use list comprehension instead of lists:foldl/3 | Jean-Sebastien Pedron | 2014-12-02 | 1 | -8/+8 |
| | | | | | | To keep a somewhat logical order in the list of user_authentication_* properties, reverse the order of the AUTH_NOTIFICATION_INFO_KEYS list. This list was previously reversed by lists:foldl/3. | ||||
* | Use rabbit_misc:format/2 instead of lists:flatten/1 + io_lib:format/2 | Jean-Sebastien Pedron | 2014-12-02 | 2 | -2/+2 |
| | |||||
* | Move the info keys list added to user_authentication_* to a -define() | Jean-Sebastien Pedron | 2014-12-02 | 1 | -15/+6 |
| | |||||
* | Drop {refuse, _, _} from rabbit_auth_mechanism:handle_response/2 return values | Jean-Sebastien Pedron | 2014-11-26 | 2 | -7/+0 |
| | |||||
* | Rephrase a comment to use the present tense | Jean-Sebastien Pedron | 2014-11-26 | 1 | -1/+1 |
| | |||||
* | Update rabbit_auth_mechanism:handle_response() spec to match the change | Jean-Sebastien Pedron | 2014-11-26 | 2 | -3/+6 |
| | |||||
* | Add more properties to the user_authentication_* notifications | Jean-Sebastien Pedron | 2014-11-25 | 3 | -23/+83 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Until now, the only property was {name, Username}. The added properties are: o {connection_type, network | direct} o {error, Message} (only if the authentication failed) For network connections, the following informations are added as returned by rabbit_reader:infos/2: o auth_mechanism o host o name (the property is renamed to connection_name to avoid conflict with the username) o peer_cert_issuer o peer_cert_subject o peer_cert_validity o peer_host o peer_port o protocol o ssl o ssl_cipher o ssl_protocol o vhost The notification is sent by rabbit_reader:notify_auth_result/5 and rabbit_direct:notify_auth_result/4, not by rabbit_access_control:check_user_login/2 anymore. This fixes a bug where a "user_authentication_success" event would be sent by rabbit_access_control:check_user_login/2, even if rabbit_reader:auth_phase/2 rejects the user later because the connection isn't on the loopback interface. | ||||
* | stable to default | Simon MacMullen | 2014-11-25 | 1 | -0/+6 |
|\ | |||||
| * | Merge bug26367rabbitmq_v3_4_2 | Simon MacMullen | 2014-11-25 | 1 | -9/+49 |
| |\ | |||||
| * | | Add a comment so we remember x-dead-letter-exchange was already verifiedbug26367 | Jean-Sebastien Pedron | 2014-11-24 | 1 | -4/+6 |
| | | | | | | | | | | | | While here, rename the check function to a more sensible name. | ||||
| * | | Restore the "x-dead-letter-exchange" check lost in changeset 12133 | Jean-Sebastien Pedron | 2014-11-24 | 1 | -0/+4 |
| | | | |||||
* | | | stable to default | Simon MacMullen | 2014-11-25 | 1 | -7/+29 |
|\ \ \ | | |/ | |/| | |||||
| * | | Merge bug26474 (again) | Simon MacMullen | 2014-11-25 | 1 | -7/+29 |
| |\ \ | |||||
| | * | | Also add a tiny bit more logging, for symmetry.bug26474 | Simon MacMullen | 2014-11-25 | 1 | -0/+4 |
| | | | | |||||
| | * | | Mutual disconnect when partial partition detected. And don't allow a very ↵ | Simon MacMullen | 2014-11-25 | 1 | -1/+23 |
| | | | | | | | | | | | | | | | | short disconnection since Mnesia might not detect it. | ||||
| | * | | Do not attempt to "fix up" the partitions field; if Mnesia does not detect ↵ | Simon MacMullen | 2014-11-25 | 1 | -6/+2 |
| | | | | | | | | | | | | | | | | the partition it will behave wrong anyway. | ||||
* | | | | Merge heads of default | Jean-Sebastien Pedron | 2014-11-24 | 1 | -4/+4 |
|\ \ \ \ | |||||
| * \ \ \ | Merge bug26257 (again) | Jean-Sebastien Pedron | 2014-11-24 | 4 | -7/+23 |
| |\ \ \ \ | |||||
| * | | | | | When reporting invalid cluster node names, keep configuration orderbug26257 | Jean-Sebastien Pedron | 2014-11-24 | 1 | -4/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | While here, fix an unused variable warning. | ||||
* | | | | | | stable to default | Simon MacMullen | 2014-11-24 | 16 | -178/+493 |
|\ \ \ \ \ \ | | |/ / / / | |/| / / / | |_|/ / / |/| | | | | |||||
| * | | | | Merge bug26257 | Simon MacMullen | 2014-11-21 | 1 | -14/+34 |
| |\ \ \ \ | | |/ / / | |||||
| | * | | | Detect other invalid 'cluster_nodes' values | Jean-Sebastien Pedron | 2014-11-21 | 1 | -7/+33 |
| | | | | | | | | | | | | | | | | | | | | In all cases, abort startup with an explanatory message. | ||||
| | * | | | Remove support for the legacy 'cluster_nodes' values | Jean-S?bastien P?dron | 2014-11-20 | 1 | -13/+7 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this change, a list of nodes without the node type was accepted. In this case, the node type was guessed and a warning suggesting how to update the configuration was logged. Now, the node type is mandatory and the RabbitMQ server refuses to start if the node type is unspecified. | ||||
| * | | | | stable to default | Simon MacMullen | 2014-11-20 | 3 | -15/+13 |
| |\ \ \ \ | | | |_|/ | | |/| | | |||||
| * | | | | stable to default | Simon MacMullen | 2014-11-20 | 1 | -1/+13 |
| |\ \ \ \ | |||||
| * \ \ \ \ | stable to default | Simon MacMullen | 2014-11-20 | 1 | -1/+7 |
| |\ \ \ \ \ | | |_|_|/ / | |/| | | | | |||||
| * | | | | | stable to default | Simon MacMullen | 2014-11-19 | 1 | -0/+5 |
| |\ \ \ \ \ | |||||
| * \ \ \ \ \ | Merge bug26469 | Simon MacMullen | 2014-11-14 | 11 | -96/+201 |
| |\ \ \ \ \ \ | |||||
| | * | | | | | | Tweak the APIs again, so that authz plugins aren't expected to create a ↵bug26469 | Simon MacMullen | 2014-11-14 | 8 | -71/+120 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | #auth_user record in the first place, just whatever impl they want. Which necessitates seperate login functions for authz and authn, and if we're going to do that we might as well split the behaviours so that we have the possibility of making an authz-only plugin. | ||||
| | * | | | | | | Rename. | Simon MacMullen | 2014-11-14 | 1 | -2/+2 |
| | | | | | | | | |||||
| | * | | | | | | Fix tests. | Simon MacMullen | 2014-11-14 | 1 | -4/+6 |
| | | | | | | | | |||||
| | * | | | | | | Never pass the #user{} record into auth backends, they should only see their ↵ | Simon MacMullen | 2014-11-13 | 7 | -62/+87 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | own stuff. Get rid of authN_backend, it has little reason for existing. Flatten case of authZ_backend. | ||||
| | * | | | | | | Cosmetic. | Simon MacMullen | 2014-11-13 | 1 | -31/+30 |
| | | | | | | | | |||||
| | * | | | | | | Import changes from ↵ | Simon MacMullen | 2014-11-13 | 10 | -66/+96 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/gotthardp/rabbitmq-server/tree/multi_authorization | ||||
| * | | | | | | | stable to default | Simon MacMullen | 2014-11-14 | 4 | -68/+258 |
| |\ \ \ \ \ \ \ | | |/ / / / / / | |||||
| | * | | | | | | Merge bug26457 | Simon MacMullen | 2014-11-13 | 1 | -2/+10 |
| | |\ \ \ \ \ \ | |||||
| | | * | | | | | | R13B03 compatibility. | Simon MacMullen | 2014-11-13 | 1 | -2/+10 |
| | | | | | | | | | |||||
| | * | | | | | | | Remove a couple of TODOs, make the read buffer size configurable, and don't ↵bug26457 | Simon MacMullen | 2014-11-13 | 2 | -5/+12 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use the read buffer for the QI or msg store transform since they already read in decent sized chunks. | ||||
| | * | | | | | | | Small refactor suggested by Matthias. | Simon MacMullen | 2014-11-13 | 1 | -20/+14 |
| | | | | | | | | | |||||
| | * | | | | | | | Be a bit more systematic about reseting the read buffer. | Simon MacMullen | 2014-11-13 | 1 | -21/+30 |
| | | | | | | | | | |||||
| | * | | | | | | | If they ask to read more than the buffer size, do so. | Simon MacMullen | 2014-11-13 | 1 | -2/+2 |
| | | | | | | | | | |||||
| | * | | | | | | | Merge in default | Simon MacMullen | 2014-11-12 | 5 | -14/+31 |
| | |\ \ \ \ \ \ \ | | | |/ / / / / / | |||||
| | | * | | | | | | Merge bug24781 | Simon MacMullen | 2014-11-12 | 3 | -5/+10 |
| | | |\ \ \ \ \ \ | |||||
| | | | * \ \ \ \ \ | stable to default | Simon MacMullen | 2014-11-12 | 1 | -30/+72 |
| | | | |\ \ \ \ \ \ |