Commit graph

31 commits

Author SHA1 Message Date
Eric Chiang
e267dbd236 Merge pull request #708 from ericchiang/ldap-security-docs
Documentation: clarify difference between LDAP ports and security guarentees
2016-11-28 17:07:24 -08:00
Ev
5144ef643b Updated openid-connect.md: small typo
Protocol is written protocl.
2016-11-24 14:01:47 -05:00
Eric Chiang
8b8c076ecf Documentation: clarify difference between LDAP ports and security guarantees
Now that LDAP supports an `insecureSkipVerify` option, clarify that
`insecureNoTLS` is an extremely bad choice and as such we may drop
support for 389 in the future.

However, since we send plain text passwords from our frontend to our
backend, this probably gets us into a bigger conversation about dex's
TLS story. For example when terminiation is approporate. cc'ing
@dghubble for thoughts on how that might apply to our internal uses.

We probably want an overaching security doc at some point, but that
can be another PR.
2016-11-23 12:26:44 -08:00
Eric Chiang
6980920a3a *: document the GitHub connector 2016-11-22 12:53:46 -08:00
Phu Kieu
d4aba443ac Allow getAttr to return DN
Specify "DN" as attribute name to return, but will only work if not present in ldap.Entry.Attributes
Use when full DN is stored in groupSearch's userAttr
2016-11-18 13:51:47 -08:00
Eric Chiang
e6b54250db Merge pull request #684 from ericchiang/examples-k8s-fixup
examples/k8s: update kubernetes examples
2016-11-17 15:28:00 -08:00
Eric Chiang
3ecfaf700e examples/k8s: update kubernetes examples 2016-11-17 14:10:55 -08:00
Eric Chiang
2e74b48492 Merge pull request #690 from rithujohn191/connector-docs
Documentation: LDAP connector documentation.
2016-11-16 16:11:44 -08:00
rithu john
8589650605 Documentation: LDAP connector documentation. 2016-11-16 15:29:17 -08:00
Jeff Schroeder
da6cd9687d Documentation: fix a typo in the storage documentation 2016-11-15 15:14:11 -06:00
Jason Vanderhoof
80770df520 Small spelling fix. 2016-11-11 14:24:17 -07:00
Eric Chiang
674bec0468 Merge pull request #674 from ericchiang/readme-docs-v2
*: readme updates for v2
2016-11-08 15:20:51 -08:00
Eric Chiang
a52e324f68 *: readme updates for v2 2016-11-08 14:36:29 -08:00
Eric Chiang
2417fc9154 Documentation/logos: add logos 2016-11-08 11:51:47 -08:00
Eric Chiang
c9889683b4 Documentation: add doc describing v2 changes 2016-11-04 16:56:21 -07:00
rithu leena john
42dfd3ecec cmd/dex: add option for gRPC client auth CA. 2016-11-02 14:51:22 -07:00
Eric Chiang
2a9051c864 Merge pull request #654 from ericchiang/dev-sql-optimistic-concurrency
storage/sql: use isolation level "serializable" for transactions
2016-11-01 10:16:23 -07:00
Eric Chiang
8debe68314 Documentation: remove caveat about running multiple instances 2016-10-31 23:18:40 -07:00
Eric Chiang
fe1d27586e Documentation: add document on the dex API 2016-10-31 15:25:52 -07:00
rithu leena john
27880dba59 Documentation: adding documentation for running ldap tests locally 2016-10-27 13:20:32 -07:00
Eric Chiang
99e312eadd Merge pull request #632 from ericchiang/dev-docs-storage-options
Documentation: add a document on storage options
2016-10-26 12:33:37 -07:00
Eric Chiang
6c4839860e Documentation: add a document on storage options 2016-10-26 12:32:45 -07:00
Eric Chiang
bc16de0b58 storage/kubernetes: don't guess the kubeconfig location and change test env
Using the default KUBECONFIG environment variable to indicate that
the Kubernetes tests should be run lead to cases where developers
accidentally ran the tests. This has now been changed to
"DEX_KUBECONFIG" and documentation hsa been added detailing how to
run these tests.

Additionally, no other storage reads environment variables for its
normal configuration (outside of tests) so the Kubernetes storage
no longer does.

Overall, be less surprising.
2016-10-23 20:53:29 -07:00
Eric Chiang
774242f750 Documentation/proposals: added a caveats section to upstream refreshing proposal 2016-10-17 11:54:10 -07:00
Eric Chiang
1e5133a98d Documentation/proposals: add a proposal for keeping data in-sync during refreshes 2016-10-08 11:45:55 -07:00
Eric Chiang
0fc8879da1 *: prepare build scripts for a release 2016-10-05 23:43:44 -07:00
Eric Chiang
877eb3dc7b *: add standup script to run DB tests locally and hook up travis 2016-10-03 12:48:26 -07:00
Eric Chiang
bfe560ee21 rename 2016-08-10 22:31:42 -07:00
Eric Chiang
1cbb7700d8 *: add warning to README 2016-08-10 22:26:36 -07:00
Eric Chiang
e377d476ae Documentation: add incomplete intro to OpenID Connect 2016-08-10 22:25:15 -07:00
Eric Chiang
5385ca517a proposals: user objects for revoking refresh tokens and merging accounts 2016-08-08 10:31:59 -07:00