- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 35 for requestPrincipals (0.17 sec)
-
tests/integration/security/testdata/authz/jwt.yaml.tmpl
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 3K bytes - Viewed (0) -
tests/integration/security/testdata/authz/egress-gateway.yaml.tmpl
from: - source: requestPrincipals: [ "******@****.***/sub-1" ] - to: # checks only a can call 443 over istio mutual with JWT - operation: hosts: [ "jwt-and-{{ .Allowed.ServiceName }}-{{ .Allowed.NamespaceName }}-only.com" ] from: - source: requestPrincipals: [ "******@****.***/sub-1" ]
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jul 31 15:08:52 UTC 2023 - 5.2K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model.go
if useExtendedJwt { merged.insertFrontExtended(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } else { merged.insertFront(requestPrincipalGenerator{}, attrRequestPrincipal, s.RequestPrincipals, s.NotRequestPrincipals) } merged.insertFront(srcPrincipalGenerator{}, attrSrcPrincipal, s.Principals, s.NotPrincipals) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
} fromMatches := []*security.Match{} for _, from := range rule.From { op := from.Source if action == security.Action_ALLOW && anyNonEmpty(op.RemoteIpBlocks, op.NotRemoteIpBlocks, op.RequestPrincipals, op.NotRequestPrincipals) { // L7 policies never match for ALLOW // For DENY they will always match, so it is more restrictive return nil } match := &security.Match{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pkg/config/validation/validation.go
errs = appendErrors(errs, check(len(src.NotPrincipals) != 0, "From.NotPrincipals")) errs = appendErrors(errs, check(len(src.RequestPrincipals) != 0, "From.RequestPrincipals")) errs = appendErrors(errs, check(len(src.NotRequestPrincipals) != 0, "From.NotRequestPrincipals")) } } for _, when := range rule.GetWhen() { if when == nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 04:03:33 UTC 2024 - 107.2K bytes - Viewed (0) -
pilot/pkg/networking/core/networkfilter_test.go
Action: v1beta1.AuthorizationPolicy_ALLOW, Rules: []*v1beta1.Rule{ { From: []*v1beta1.Rule_From{ { Source: &v1beta1.Source{ RequestPrincipals: []string{"id-1"}, }, }, }, To: []*v1beta1.Rule_To{ { Operation: &v1beta1.Operation{ Methods: []string{"GET"}, },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 25.8K bytes - Viewed (0) -
pkg/config/validation/validation_test.go
}, }, }, }, valid: false, }, { name: "RequestPrincipals-empty", in: &security_beta.AuthorizationPolicy{ Rules: []*security_beta.Rule{ { From: []*security_beta.Rule_From{ { Source: &security_beta.Source{ RequestPrincipals: []string{"p1", ""}, }, }, }, }, }, },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 03:11:45 UTC 2024 - 196K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/multiple-policies-out.yaml
stringMatch: exact: requestPrincipals1 - metadata: filter: istio_authn path: - key: request.auth.principal value: stringMatch: exact: requestPrincipals2 ns[foo]-policy[httpbin-7]-rule[0]: permissions:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 16:35:46 UTC 2023 - 4.5K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/extended-multiple-policies-out.yaml
path: - key: payload - key: iss value: stringMatch: exact: requestPrincipals1 - metadata: filter: envoy.filters.http.jwt_authn path: - key: payload - key: sub
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 5.3K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/single-policy-out.yaml
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 16:35:46 UTC 2023 - 14.1K bytes - Viewed (0)