Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for reauthenticate (0.21 sec)

  2. github.com/istio/istio

    common-protos/k8s.io/api/authentication/v1beta1/generated.proto 

    message SelfSubjectReviewStatus {
  // User attributes of the user making this request.
  // +optional
  optional k8s.io.api.authentication.v1.UserInfo userInfo = 1;
}

// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.
message TokenReview {
  // Standard object's metadata.
    Plain Text
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Mon Mar 11 18:43:24 GMT 2024
    - 5.2K bytes
    - Viewed (0)
  3. github.com/istio/istio

    bin/build_ztunnel.sh 

    ISTIO_ZTUNNEL_BASE_URL="${ISTIO_ZTUNNEL_BASE_URL:-https://storage.googleapis.com/istio-build/ztunnel}"

# If we are not using the default, assume its private and we need to authenticate
if [[ "${ISTIO_ZTUNNEL_BASE_URL}" != "https://storage.googleapis.com/istio-build/ztunnel" ]]; then
  AUTH_HEADER="Authorization: Bearer $(gcloud auth print-access-token)"
  export AUTH_HEADER
fi
    Shell Script
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Tue Apr 02 21:46:06 GMT 2024
    - 5K bytes
    - Viewed (0)
  4. github.com/istio/istio

    bin/init.sh 

    # Envoy binary variables
ISTIO_ENVOY_BASE_URL="${ISTIO_ENVOY_BASE_URL:-https://storage.googleapis.com/istio-build/proxy}"

# If we are not using the default, assume its private and we need to authenticate
if [[ "${ISTIO_ENVOY_BASE_URL}" != "https://storage.googleapis.com/istio-build/proxy" ]]; then
  AUTH_HEADER="Authorization: Bearer $(gcloud auth print-access-token)"
  export AUTH_HEADER
fi
    Shell Script
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Thu Jan 25 19:11:31 GMT 2024
    - 6.1K bytes
    - Viewed (0)
  5. github.com/istio/istio

    architecture/ambient/ztunnel.md 

    This means Ztunnel will have multiple distinct certificates at a time, one for each unique identity (service account) running on its node.

When fetching certificates, ztunnel will authenticate to the CA with its own identity, but request the identity of another workload.
Critically, the CA must enforce that the ztunnel has permission to request that identity.
Requests for identities not running on the node are rejected.
    Plain Text
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Thu Apr 25 22:35:16 GMT 2024
    - 16.6K bytes
    - Viewed (0)
  6. github.com/istio/istio

    common-protos/k8s.io/api/authentication/v1/generated.proto 

      // token must identify themself with an identifier in the list of
  // audiences of the token, and otherwise should reject the token. A
  // token issued for multiple audiences may be used to authenticate
  // against any of the audiences listed but implies a high degree of
  // trust between the target audiences.
  repeated string audiences = 1;
    Plain Text
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Mon Mar 11 18:43:24 GMT 2024
    - 6.7K bytes
    - Viewed (0)
  7. github.com/istio/istio

    common-protos/k8s.io/api/certificates/v1/generated.proto 

    //
// Kubelets use this API to obtain:
//  1. client certificates to authenticate to kube-apiserver (with the "kubernetes.io/kube-apiserver-client-kubelet" signerName).
//  2. serving certificates for TLS endpoints kube-apiserver can connect to securely (with the "kubernetes.io/kubelet-serving" signerName).
//
// This API can be used to request client certificates to authenticate to kube-apiserver
// (with the "kubernetes.io/kube-apiserver-client" signerName),
    Plain Text
    - Registered: Wed May 08 22:53:08 GMT 2024
    - Last Modified: Mon Mar 11 18:43:24 GMT 2024
    - 11.6K bytes
    - Viewed (0)
Back to top