- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 322 for Authorize (0.22 sec)
-
pilot/pkg/xds/auth.go
c, err := security.Authenticate(ctx, s.Authenticators) if c != nil { return c.Identities, nil } return nil, err } func (s *DiscoveryServer) authorize(con *Connection, identities []string) error { if con == nil || con.proxy == nil { return nil } if features.EnableXDSIdentityCheck && identities != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 00:26:45 UTC 2024 - 2.4K bytes - Viewed (0) -
pkg/registry/admissionregistration/validatingadmissionpolicybinding/authz_test.go
auth: func(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { return authorizer.DecisionDeny, "", nil }, }, { name: "authorized", userInfo: &user.DefaultInfo{Groups: []string{user.AllAuthenticated}}, auth: func(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Jul 20 16:30:09 UTC 2023 - 5.7K bytes - Viewed (0) -
docs/iam/opa.md
OPA is a lightweight general-purpose policy engine that can be co-located with MinIO server, in this document we talk about how to use OPA HTTP API to authorize requests. It can be used with any type of credentials (STS based like OpenID or LDAP, regular IAM users or service accounts). OPA is enabled through MinIO's Access Management Plugin feature. ## Get started
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Sun Jul 17 15:43:14 UTC 2022 - 2.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go
func withAuthorization(validate rest.ValidateObjectFunc, a authorizer.Authorizer, attributes authorizer.Attributes) rest.ValidateObjectFunc { var once sync.Once var authorizerDecision authorizer.Decision var authorizerReason string var authorizerErr error return func(ctx context.Context, obj runtime.Object) error { if a == nil { return errors.NewInternalError(fmt.Errorf("no authorizer provided, unable to authorize a create on update")) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon May 01 20:19:46 UTC 2023 - 11.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
func (w *WebhookAuthorizer) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { var ( resourceRules []authorizer.ResourceRuleInfo nonResourceRules []authorizer.NonResourceRuleInfo ) incomplete := true return resourceRules, nonResourceRules, incomplete, fmt.Errorf("webhook authorizer does not support user rule resolution") }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 19:01:15 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/features/security.go
XDSAuth = env.Register("XDS_AUTH", true, "If true, will authenticate XDS clients.").Get() EnableXDSIdentityCheck = env.Register( "PILOT_ENABLE_XDS_IDENTITY_CHECK", true, "If enabled, pilot will authorize XDS clients, to ensure they are acting only as namespaces they have permissions for.", ).Get() // TODO: Move this to proper API. trustedGatewayCIDR = env.Register( "TRUSTED_GATEWAY_CIDR", "",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Jan 13 03:50:59 UTC 2024 - 3.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/validating/caching_authorizer_test.go
}, { decision: authorizer.DecisionDeny, reason: "test reason beta", error: fmt.Errorf("test error beta"), }, }, }, } { t.Run(tc.name, func(t *testing.T) { var misses int frontend := newCachingAuthorizer(func() authorizer.Authorizer { return authorizer.AuthorizerFunc(func(_ context.Context, attributes authorizer.Attributes) (authorizer.Decision, string, error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Feb 12 18:58:24 UTC 2024 - 6.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/metrics_test.go
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 19:01:15 UTC 2024 - 6.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go
// TestAuthorizer is a test stub that fulfills the WantsAuthorizer interface. type TestAuthorizer struct{} func (t *TestAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { return authorizer.DecisionNoOpinion, "", nil } func TestRESTMapperAdmissionPlugin(t *testing.T) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 00:00:21 UTC 2024 - 8.2K bytes - Viewed (0) -
plugin/pkg/admission/certificates/ctbattest/admission_test.go
verb string allowedName string decision authorizer.Decision err error } func (f fakeAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) { if f.err != nil { return f.decision, "forced error", f.err } if a.GetVerb() != f.verb { return authorizer.DecisionDeny, fmt.Sprintf("unrecognised verb '%s'", a.GetVerb()), nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 10.9K bytes - Viewed (0)