Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 8 of 8 for requestPrincipals (0.24 sec)

  2. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/allow-full-rule-out.yaml 

                          stringMatch:
                        exact: requestPrincipals
                - metadata:
                    filter: istio_authn
                    path:
                    - key: request.auth.principal
                    value:
                      stringMatch:
                        prefix: requestPrincipals-prefix-
                - metadata:
                    filter: istio_authn
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 32.6K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/extended-allow-full-rule-out.yaml 

                            path:
                        - key: payload
                        - key: iss
                        value:
                          stringMatch:
                            exact: requestPrincipals
                    - metadata:
                        filter: envoy.filters.http.jwt_authn
                        path:
                        - key: payload
                        - key: sub
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri May 03 18:02:42 UTC 2024
    - 39K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/security/authz/model/model_test.go 

    				}
			}
		})
	}
}

func TestModel_Generate(t *testing.T) {
	rule := yamlRule(t, `
from:
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-1"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-2"]
- source:
    requestPrincipals: ["td-1/ns/foo/sa/sleep-3"]
    notRequestPrincipals: ["td-1/ns/foo/sa/sleep-4"]
to:
- operation:
    ports: ["8001"]
    notPorts: ["8002"]
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 20 22:15:12 UTC 2023
    - 10K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/security/authz/model/model.go 

    			if useExtendedJwt {
				merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals)
			} else {
				merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals)
			}
			merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals)
		}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 25 10:39:25 UTC 2024
    - 13.8K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go 

    	}
	fromMatches := []*security.Match{}
	for _, from := range rule.From {
		op := from.Source
		if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) {
			// L7 policies never match for ALLOW
			// For DENY they will always match, so it is more restrictive
			return nil
		}
		match := &security.Match{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 15 16:23:36 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/networking/core/networkfilter_test.go 

    						Action: v1beta1.AuthorizationPolicy_ALLOW,
						Rules: []*v1beta1.Rule{
							{
								From: []*v1beta1.Rule_From{
									{
										Source: &v1beta1.Source{
											RequestPrincipals: []string{"id-1"},
										},
									},
								},
								To: []*v1beta1.Rule_To{
									{
										Operation: &v1beta1.Operation{
											Methods: []string{"GET"},
										},
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 17 22:20:44 UTC 2024
    - 25.8K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/single-policy-out.yaml 

                          stringMatch:
                        exact: rule[0]-from[0]-requestPrincipal[1]
                - metadata:
                    filter: istio_authn
                    path:
                    - key: request.auth.principal
                    value:
                      stringMatch:
                        exact: rule[0]-from[0]-requestPrincipal[2]
            - orIds:
                ids:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 17 16:35:46 UTC 2023
    - 14.1K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/security/authz/builder/testdata/http/extended-single-policy-out.yaml 

                            - key: payload
                        - key: iss
                        value:
                          stringMatch:
                            exact: rule[0]-from[0]-requestPrincipal[1]
                    - metadata:
                        filter: envoy.filters.http.jwt_authn
                        path:
                        - key: payload
                        - key: sub
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 25 10:39:25 UTC 2024
    - 17.4K bytes
    - Viewed (0)
Back to top