Search Options

Results per page
Sort
Preferred Languages
Advance

Results 61 - 70 of 73 for Authenticator (0.09 sec)

  1. cmd/sts-handlers.go

    		return
    	}
    
    	// It is required that parent user be set.
    	if res.Success.User == "" {
    		writeSTSErrorResponse(ctx, w, ErrSTSUpstreamError, errors.New("A valid user was not returned by the authenticator."))
    		return
    	}
    
    	// Expiry is set as minimum of requested value and value allowed by auth
    	// plugin.
    	expiry := res.Success.MaxValiditySeconds
    	if durationParam != "" && requestedDuration < expiry {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Aug 15 01:29:20 UTC 2024
    - 33.9K bytes
    - Viewed (0)
  2. CHANGELOG/CHANGELOG-1.3.md

    * Security/Auth
      * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
      * Setting TLS1.2 minimum
      * `kubectl create secret tls` command
      * Webhook Token Authenticator
      * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
    * Kubectl
      * Display line number on JSON errors
      * Add flag -t as shorthand for --tty
    * Resources
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 84K bytes
    - Viewed (0)
  3. CHANGELOG/CHANGELOG-1.10.md

    * kube-apiserver: the OpenID Connect authenticator can now verify ID Tokens signed with JOSE algorithms other than RS256 through the --oidc-signing-algs flag. ([#58544](https://github.com/kubernetes/kubernetes/pull/58544), [@ericchiang](https://github.com/ericchiang))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu May 05 13:44:43 UTC 2022
    - 341.8K bytes
    - Viewed (0)
  4. CHANGELOG/CHANGELOG-1.8.md

    few seconds. ([#50258](https://github.com/kubernetes/kubernetes/pull/50258), [@liggitt](https://github.com/liggitt))
    
    * The OpenID Connect authenticator can now use a custom prefix, or omit the default prefix, for username and groups claims through the --oidc-username-prefix and --oidc-groups-prefix flags. For example, the authenticator can map a user with the username "jane" to "google:jane" by supplying the "google:" username prefix. ([#50875](https://github.com/kubernetes/kubernetes/pull/50875),...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Feb 20 15:45:02 UTC 2024
    - 312.2K bytes
    - Viewed (0)
  5. CHANGELOG/CHANGELOG-1.5.md

    * Reduce time needed to attach Azure disks ([#40066](https://github.com/kubernetes/kubernetes/pull/40066), [@codablock](https://github.com/codablock))
    * Fixes request header authenticator by presenting the request header client CA so that the front proxy will authenticate using its client certificate. ([#40301](https://github.com/kubernetes/kubernetes/pull/40301), [@deads2k](https://github.com/deads2k))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 136.4K bytes
    - Viewed (0)
  6. CHANGELOG/CHANGELOG-1.4.md

    * Add support for --image-pull-policy to 'kubectl run' ([#30614](https://github.com/kubernetes/kubernetes/pull/30614), [@AdoHe](https://github.com/AdoHe))
    * x509 authenticator: get groups from subject's organization field ([#30392](https://github.com/kubernetes/kubernetes/pull/30392), [@ericchiang](https://github.com/ericchiang))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 133.5K bytes
    - Viewed (0)
  7. CHANGELOG/CHANGELOG-1.11.md

    * Exec authenticator plugin supports TLS client certificates. ([#61803](https://github.com/kubernetes/kubernetes/pull/61803), [@awly](https://github.com/awly))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Feb 06 06:04:15 UTC 2020
    - 328.4K bytes
    - Viewed (0)
  8. CHANGELOG/CHANGELOG-1.9.md

    * The OpenID Connect authenticator can now use a custom prefix, or omit the default prefix, for username and groups claims through the --oidc-username-prefix and --oidc-groups-prefix flags. For example, the authenticator can map a user with the username "jane" to "google:jane" by supplying the "google:" username prefix. ([#50875](https://github.com/kubernetes/kubernetes/pull/50875),...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Nov 16 10:46:27 UTC 2021
    - 313.7K bytes
    - Viewed (0)
  9. CHANGELOG/CHANGELOG-1.21.md

    - Increased `CSINodeIDMaxLength` from 128 bytes to 192 bytes. ([#98753](https://github.com/kubernetes/kubernetes/pull/98753), [@Jiawei0227](https://github.com/Jiawei0227))
    - Kube-apiserver: The OIDC authenticator no longer waits 10 seconds before attempting to fetch the metadata required to verify tokens. ([#97693](https://github.com/kubernetes/kubernetes/pull/97693), [@enj](https://github.com/enj)) [SIG API Machinery and Auth]
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Fri Oct 14 07:03:14 UTC 2022
    - 367.3K bytes
    - Viewed (0)
  10. CHANGELOG/CHANGELOG-1.22.md

    - Adds metrics for the delegated authenticator used by extension APIs that delegate authentication logic to the Kube API server. ([#99364](https://github.com/kubernetes/kubernetes/pull/99364), [@p0lyn0mial](https://github.com/p0lyn0mial))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Dec 13 12:43:45 UTC 2022
    - 454.1K bytes
    - Viewed (0)
Back to top