- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 40 for impersonate (0.17 sec)
-
staging/src/k8s.io/api/authentication/v1/types.go
const ( // ImpersonateUserHeader is used to impersonate a particular user during an API server request ImpersonateUserHeader = "Impersonate-User" // ImpersonateGroupHeader is used to impersonate a particular group during an API server request. // It can be repeated multiplied times for multiple groups. ImpersonateGroupHeader = "Impersonate-Group" // ImpersonateUIDHeader is used to impersonate a particular UID during an API server request
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 23 17:42:49 UTC 2024 - 10K bytes - Viewed (0) -
staging/src/k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go
} if f.Impersonate != nil { flags.StringVar(f.Impersonate, flagImpersonate, *f.Impersonate, "Username to impersonate for the operation. User could be a regular user or a service account in a namespace.") } if f.ImpersonateUID != nil { flags.StringVar(f.ImpersonateUID, flagImpersonateUID, *f.ImpersonateUID, "UID to impersonate for the operation.") } if f.ImpersonateGroup != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Oct 11 15:04:11 UTC 2023 - 16.9K bytes - Viewed (0) -
security/pkg/server/ca/node_auth.go
Name: caller.PodServiceAccount, } // First, make sure the caller is allowed to impersonate, in general if _, f := na.trustedNodeAccounts[callerSa]; !f { return fmt.Errorf("caller (%v) is not allowed to impersonate", caller) } // Next, make sure the identity they want to impersonate is valid, in general requestedIdentity, err := spiffe.ParseIdentity(requestedIdentityString) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 6.4K bytes - Viewed (0) -
releasenotes/notes/49011.yaml
apiVersion: release-notes/v2 kind: feature area: security issue: - 47489 releaseNotes: - |- **Added** support for istio CA to handle node authorization for CSRs with impersonate identity from remote clusters.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Feb 05 15:46:44 UTC 2024 - 328 bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go
groupsSpecified := len(req.Header[authenticationv1.ImpersonateGroupHeader]) > 0 // make sure we're allowed to impersonate each thing we're requesting. While we're iterating through, start building username // and group information username := "" groups := []string{} userExtra := map[string][]string{} uid := ""
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Aug 07 10:10:35 UTC 2023 - 9.5K bytes - Viewed (0) -
samples/unixdomainsockets/src/main/java/okhttp3/unixdomainsockets/UnixDomainSocketFactory.java
import java.io.File; import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; import javax.net.SocketFactory; import jnr.unixsocket.UnixSocketChannel; /** Impersonate TCP-style SocketFactory over UNIX domain sockets. */ public final class UnixDomainSocketFactory extends SocketFactory { private final File path; public UnixDomainSocketFactory(File path) { this.path = path; }
Registered: Sun Jun 16 04:42:17 UTC 2024 - Last Modified: Sun Dec 03 21:33:52 UTC 2023 - 2.1K bytes - Viewed (0) -
platforms/core-execution/build-cache-http/src/main/java/org/gradle/caching/http/HttpBuildCache.java
* <p> * Allowing communication with untrusted servers keeps data encrypted during transmission, * but makes it easier for a man-in-the-middle to impersonate the intended server and capture data. * <p> * This value has no effect if a server is specified using the HTTP protocol (i.e. has SSL disabled). * * @since 4.2 */
Registered: Wed Jun 12 18:38:38 UTC 2024 - Last Modified: Fri Sep 22 09:43:12 UTC 2023 - 7.6K bytes - Viewed (0) -
security/pkg/server/ca/server_test.go
impersonatePod: podOtherNode, callerClusterID: cluster.ID("fake"), trustedNodeAccounts: allowZtunnel, code: codes.Unauthenticated, }, { name: "Successful signing with impersonate identity", authenticators: []security.Authenticator{&mockAuthenticator{ identities: []string{"test-identity"}, kubernetesInfo: ztunnelCaller, }}, ca: &mockca.FakeCA{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 15.8K bytes - Viewed (0) -
security/pkg/server/ca/server.go
return nil, status.Error(codes.Unauthenticated, "request impersonation authentication failure") } // Node is authorized to impersonate; overwrite the SAN to the impersonated identity. sans = []string{impersonatedIdentity} } serverCaLog.Debugf("generating a certificate, sans: %v, requested ttl: %s", sans, time.Duration(request.ValidityDuration*int64(time.Second)))
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
src/cmd/go/internal/tool/tool.go
// since it is normally only used for building the toolchain in the first // place. However, 'go tool dist list' is useful for listing all supported // platforms. // // If the dist tool does not exist, impersonate this command. if impersonateDistList(args[2:]) { // If it becomes necessary, we could increment an additional counter to indicate // that we're impersonating dist list if knowing that becomes important?
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Fri Apr 05 18:02:11 UTC 2024 - 5.9K bytes - Viewed (0)