- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 51 for authn (0.06 sec)
-
pilot/pkg/networking/core/listener_waypoint.go
authzCustomBuilder = authz.NewBuilderForService(authz.Custom, lb.push, lb.node, true, svc) } // TODO: consider dedicated listener class for waypoint filters cls := istionetworking.ListenerClassSidecarInbound wasm := lb.push.WasmPluginsByListenerInfo(lb.node, model.WasmPluginListenerInfo{ Class: cls, Service: svc, }, model.WasmPluginTypeHTTP)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 04:34:37 UTC 2024 - 27.6K bytes - Viewed (0) -
pkg/security/security.go
req := AuthContext{GrpcContext: ctx} for _, authn := range am.Authenticators { u, err := authn.Authenticate(req) if u != nil && len(u.Identities) > 0 && err == nil { securityLog.Debugf("Authentication successful through auth source %v", u.AuthSource) return u } am.authFailMsgs = append(am.authFailMsgs, fmt.Sprintf("Authenticator %s: %v", authn.AuthenticatorType(), err)) } return nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_inbound.go
TrafficDirection: core.TrafficDirection_INBOUND, ContinueOnListenerFiltersTimeout: true, } // Flush authz cache since we need filter state for the principal. oldBuilder := lb.authzBuilder lb.authzBuilder = authz.NewBuilder(authz.Local, lb.push, lb.node, true) inboundChainConfigs := lb.buildInboundChainConfigs() for _, cc := range inboundChainConfigs { cc.hbone = true
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 35.1K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_test.go
httpFilters := []string{ xdsfilters.MxFilterName, // Ext auth makes 2 filters wellknown.HTTPRoleBasedAccessControl, wellknown.HTTPExternalAuthorization, "extenstions.istio.io/wasmplugin/istio-system.wasm-authn", "extenstions.istio.io/wasmplugin/istio-system.wasm-authz", wellknown.HTTPRoleBasedAccessControl, "extenstions.istio.io/wasmplugin/istio-system.wasm-stats",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 93.6K bytes - Viewed (0) -
cmd/sts-handlers.go
return ErrSTSAccessDenied } } func checkAssumeRoleAuth(ctx context.Context, r *http.Request) (auth.Credentials, APIErrorCode) { if !isRequestSignatureV4(r) { return auth.Credentials{}, ErrAccessDenied } s3Err := isReqAuthenticated(ctx, r, globalSite.Region(), serviceSTS) if s3Err != ErrNone { return auth.Credentials{}, s3Err } user, _, s3Err := getReqAccessKeyV4(r, globalSite.Region(), serviceSTS)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Jun 11 03:13:30 UTC 2024 - 33.9K bytes - Viewed (0) -
cmd/logging.go
logger.LogIf(ctx, "admin", err, errKind...) } func authNLogIf(ctx context.Context, err error, errKind ...interface{}) { logger.LogIf(ctx, "authN", err, errKind...) } func authZLogIf(ctx context.Context, err error, errKind ...interface{}) { logger.LogIf(ctx, "authZ", err, errKind...) } func peersLogIf(ctx context.Context, err error, errKind ...interface{}) { if !errors.Is(err, grid.ErrDisconnected) {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 7.2K bytes - Viewed (0) -
cmd/iam.go
return updatedAt, errServerNotInitialized } if !auth.IsAccessKeyValid(accessKey) { return updatedAt, auth.ErrInvalidAccessKeyLength } if auth.ContainsReservedChars(accessKey) { return updatedAt, auth.ErrContainsReservedChars } if !auth.IsSecretKeyValid(ureq.SecretKey) { return updatedAt, auth.ErrInvalidSecretKeyLength }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 71.9K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster.go
return &model.Service{ Hostname: host.Name(sidecar + "." + sidecarns), Attributes: model.ServiceAttributes{ Name: sidecar, // This will ensure that the right AuthN policies are selected Namespace: sidecarns, }, } } func convertResolution(proxyType model.NodeType, service *model.Service) cluster.Cluster_DiscoveryType { switch service.Resolution {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 33K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go
var cacheInterval *watchCacheInterval cacheInterval, err = c.watchCache.getAllEventsSinceLocked(requiredResourceVersion, key, opts) if err != nil { // To match the uncached watch implementation, once we have passed authn/authz/admission, // and successfully parsed a resource version, other errors must fail with a watch event of type ERROR, // rather than a directly returned error. return newErrWatcher(err), nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 12 10:12:02 UTC 2024 - 51.8K bytes - Viewed (0) -
tests/integration/ambient/baseline_test.go
t.NewSubTest("authz target deny").RunParallel(func(t framework.TestContext) { opts := echo.CallOptions{ To: authzDst, Check: CheckDeny, Port: echo.Port{Name: "http"}, Scheme: scheme.HTTP, Count: 10, } src.CallOrFail(t, opts) }) t.NewSubTest("non-authz target allow").RunParallel(func(t framework.TestContext) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 00:07:28 UTC 2024 - 78.4K bytes - Viewed (0)