- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 470 for authn (0.09 sec)
-
security/pkg/server/ca/authenticate/oidc.go
// If set to a different value - use the value defined by istiod.yaml. Env variable can // still override Aud []string `json:"aud"` // Exp is not currently used - we don't use the token for authn, just to determine k8s settings Exp int `json:"exp"` // Issuer - configured by K8S admin for projected tokens. Will be used to verify all tokens. Iss string `json:"iss"` Sub string `json:"sub"` }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/config_test.go
} for p := range expectedset.Difference(pathset) { t.Errorf(" Expected %v path which we did not get", p) } }) } func TestAuthenticationAuditAnnotationsDefaultChain(t *testing.T) { authn := authenticator.RequestFunc(func(req *http.Request) (*authenticator.Response, bool, error) { // confirm that we can set an audit annotation in a handler before WithAudit
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Apr 29 18:59:21 UTC 2024 - 13.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/validation/validation_test.go
want string wantCELMapper bool wantUsesEmailVerifiedClaim bool }{ { name: "claim and expression are empty, structured authn feature enabled", in: []api.ClaimValidationRule{{}}, structuredAuthnFeatureEnabled: true,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 87.2K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_test.go
httpFilters := []string{ xdsfilters.MxFilterName, // Ext auth makes 2 filters wellknown.HTTPRoleBasedAccessControl, wellknown.HTTPExternalAuthorization, "extenstions.istio.io/wasmplugin/istio-system.wasm-authn", "extenstions.istio.io/wasmplugin/istio-system.wasm-authz", wellknown.HTTPRoleBasedAccessControl, "extenstions.istio.io/wasmplugin/istio-system.wasm-stats",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 93.6K bytes - Viewed (0) -
pilot/pkg/model/authentication_test.go
) var baseTimestamp = time.Date(2020, 2, 2, 2, 2, 2, 0, time.UTC) func TestGetPoliciesForWorkload(t *testing.T) { policies := getTestAuthenticationPolicies(createTestConfigs(true /* with mesh peer authn */), t) cases := []struct { name string workloadNamespace string workloadLabels labels.Instance wantRequestAuthn []*config.Config wantPeerAuthn []*config.Config
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 45.1K bytes - Viewed (0) -
security/pkg/server/ca/node_auth.go
return (*na).authenticateImpersonation(caller, requestedIdentityString) } // ClusterNodeAuthorizer is a component that implements a subset of Kubernetes Node Authorization // (https://kubernetes.io/docs/reference/access-authn-authz/node/) for Istio CA within one cluster. // Specifically, it validates that a node proxy which requests certificates for workloads on its // own node is requesting valid identities which run on that node (rather than arbitrary ones).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 6.4K bytes - Viewed (0) -
cmd/sts-handlers.go
return ErrSTSAccessDenied } } func checkAssumeRoleAuth(ctx context.Context, r *http.Request) (auth.Credentials, APIErrorCode) { if !isRequestSignatureV4(r) { return auth.Credentials{}, ErrAccessDenied } s3Err := isReqAuthenticated(ctx, r, globalSite.Region(), serviceSTS) if s3Err != ErrNone { return auth.Credentials{}, s3Err } user, _, s3Err := getReqAccessKeyV4(r, globalSite.Region(), serviceSTS)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Jun 11 03:13:30 UTC 2024 - 33.9K bytes - Viewed (0) -
cmd/logging.go
logger.LogIf(ctx, "admin", err, errKind...) } func authNLogIf(ctx context.Context, err error, errKind ...interface{}) { logger.LogIf(ctx, "authN", err, errKind...) } func authZLogIf(ctx context.Context, err error, errKind ...interface{}) { logger.LogIf(ctx, "authZ", err, errKind...) } func peersLogIf(ctx context.Context, err error, errKind ...interface{}) { if !errors.Is(err, grid.ErrDisconnected) {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jun 13 22:26:38 UTC 2024 - 7.2K bytes - Viewed (0) -
tests/integration/security/policy_attachment_only/jwt_gateway_test.go
Run(func(t framework.TestContext) { crd.DeployGatewayAPIOrSkip(t) config.New(t). Source(config.File("testdata/authz/gateway-api.yaml.tmpl").WithParams(param.Params{ param.Namespace.String(): apps.Namespace, })). Source(config.File("testdata/authz/gateway-authz.yaml.tmpl").WithParams(param.Params{ param.Namespace.String(): apps.Namespace, "Services": apps.A.Append(apps.B).Services(),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 9.7K bytes - Viewed (0) -
pilot/pkg/networking/core/gateway_test.go
}, }, }, }, }, ValidationContextType: &auth.CommonTlsContext_CombinedValidationContext{ CombinedValidationContext: &auth.CommonTlsContext_CombinedCertificateValidationContext{ DefaultValidationContext: &auth.CertificateValidationContext{}, ValidationContextSdsSecretConfig: &auth.SdsSecretConfig{ Name: "ROOTCA", SdsConfig: &core.ConfigSource{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 04:44:06 UTC 2024 - 144K bytes - Viewed (0)