- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 25 for PERMISSIVE (0.15 sec)
-
tests/integration/security/pass_through_filter_chain_test.go
}, }, { // There is only authN policy that enables mTLS (Permissive). // The request should be allowed because the client is always using plain text. name: "PERMISSIVE", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: mtls spec: mtls: mode: PERMISSIVE`, expected: []expect{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
pilot/pkg/networking/core/peer_authentication_simulation_test.go
mode: DISABLE ---` paPermissive := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls: mode: PERMISSIVE ---` paStrictWithDisableOnPort9000 := ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: selector: matchLabels: app: foo mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
MTLSUnknown MutualTLSMode = iota // MTLSDisable if authentication policy disable mTLS. MTLSDisable // MTLSPermissive if authentication policy enable mTLS in permissive mode. MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// replacement for permissive. mode = model.MTLSDisable } var out []*listener.FilterChain switch mode { case model.MTLSDisable: out = append(out, buildInboundFilterChain(node, push, "plaintext", nil)) case model.MTLSStrict: out = append(out, buildInboundFilterChain(node, push, "mtls", tlsContext))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
Name: workloadCfg.Name, Kind: kind.PeerAuthentication, Namespace: workloadCfg.Namespace, }) } } else { // Permissive mesh or namespace policy isEffectiveStrictPolicy = false // any ports that aren't specified will be PERMISSIVE so this workload isn't effectively under a STRICT policy foundStrict := false for _, portMtls := range workloadSpec.PortLevelMtls {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
fastapi/security/oauth2.py
Registered: Mon Jun 17 08:32:26 UTC 2024 - Last Modified: Tue Apr 02 02:48:51 UTC 2024 - 21.1K bytes - Viewed (0) -
tests/integration/security/reachability_test.go
expectCrossCluster: notFromNaked, expectCrossNetwork: notNaked, expectSuccess: notNaked, minIstioVersion: integIstioVersion, }, { name: "global mtls permissive", configs: config.Sources{ config.File("testdata/reachability/global-peer-authn.yaml.tmpl"), config.File("testdata/reachability/global-dr.yaml.tmpl"), }.WithParams(param.Params{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
src/net/mail/message.go
} // consumeAtom parses an RFC 5322 atom at the start of p. // If dot is true, consumeAtom parses an RFC 5322 dot-atom instead. // If permissive is true, consumeAtom will not fail on: // - leading/trailing/double dots in the atom (see golang.org/issue/4938) func (p *addrParser) consumeAtom(dot bool, permissive bool) (atom string, err error) { i := 0 Loop: for { r, size := utf8.DecodeRuneInString(p.s[i:]) switch {
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Tue Mar 19 11:31:03 UTC 2024 - 23.5K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_builder_test.go
http map[int]bool tls map[int]bool }{ { name: "permissive", config: "", http: map[int]bool{ // Should not see HTTP inspector if we declare ports 80: true, 82: true, // But should see for passthrough or unnamed ports 81: false, 1000: false, }, tls: map[int]bool{ // Permissive mode: inspector is set everywhere 80: false, 82: false,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 24.7K bytes - Viewed (0) -
pilot/pkg/security/authn/policy_applier.go
// Workload-level configs should not be in root namespace (this should be guaranteed by the caller, // though they will be safely ignored in this function). If the input config list is empty, returns // a default policy set to a PERMISSIVE. // If there is at least one applicable config, returns should not be nil, and is a combined policy // based on following rules: // - It should have the setting from the most narrow scope (i.e workload-level is preferred over
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 09:47:21 UTC 2024 - 19.2K bytes - Viewed (0)