- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for NotRequestPrincipals (0.28 sec)
-
pilot/pkg/security/authz/model/model_test.go
} func TestModel_Generate(t *testing.T) { rule := yamlRule(t, ` from: - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-1"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"] - source: requestPrincipals: ["td-1/ns/foo/sa/sleep-3"] notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"] to: - operation: ports: ["8001"] notPorts: ["8002"] - operation: ports: ["8003"]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 10K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model.go
if useExtendedJwt { merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } else { merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
} fromMatches := []*security.Match{} for _, from := range rule.From { op := from.Source if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) { // L7 policies never match for ALLOW // For DENY they will always match, so it is more restrictive return nil } match := &security.Match{ SourceIps: stringToIP(op.IpBlocks),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0)