summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service
Commit message (Collapse)AuthorAgeFilesLines
* Specify correct file format for truststoreBjørn Christian Seime2019-07-051-1/+1
|
* Remove unused parameter from constructorBjørn Christian Seime2019-07-051-3/+1
|
* Use current certificate manager to find certificate expiryBjørn Christian Seime2019-07-051-1/+1
|
* Use TlsContextBasedProvider in ConfigserverSslContextFactoryProviderBjørn Christian Seime2019-07-051-47/+33
|
* Revert "Use TlsContextBasedProvider in ConfigserverSslContextFactoryProvider"Bjørn Christian Seime2019-07-041-33/+47
| | | | This reverts commit e7cd527d1a83383188a65ed430f87b7fd9c85e60.
* Use current certificate manager to find certificate expiryBjørn Christian Seime2019-07-041-1/+1
|
* Use TlsContextBasedProvider in ConfigserverSslContextFactoryProviderBjørn Christian Seime2019-07-031-47/+33
|
* Some methods in SslContextFactory base class are deprecatedBjørn Christian Seime2019-07-021-1/+1
| | | | Use SslContextFactory.Server instead.
* Fix testHarald Musum2019-06-102-6/+3
|
* Change schema for athenz-provider-service so that it will be generated per zoneHarald Musum2019-06-105-29/+15
|
* Remove unused methodBjørn Christian Seime2019-06-031-4/+0
|
* Disable TLSv1.3 in manually configured https endpointBjørn Christian Seime2019-05-221-0/+4
|
* Java isn't mathJon Bratseth2019-05-061-0/+1
|
* Follow API changeJon Bratseth2019-05-061-1/+1
|
* mockito-all => mockito-coreHenning Baldersheim2019-04-291-1/+1
|
* Revert "Upgrade Jetty to 9.4.16"Bjørn Christian Seime2019-04-151-1/+1
|
* Upgrade Jetty to 9.4.16Bjørn Christian Seime2019-04-151-1/+1
| | | | | Use Server subclass as default constructor of SslContextFactory and some methods are marked as deprecated.
* Install jar and symlink from config server appHarald Musum2019-03-261-0/+2
|
* Add model name when provisioned (#8692)olaaun2019-03-072-1/+2
|
* Add readme to athenz-identity-provider-serviceBjørn Christian Seime2019-02-251-0/+4
|
* Disable hostname verification of client certs in hosted configserver/controllerBjørn Christian Seime2019-02-201-0/+1
|
* Remove Node.BuilderHåkon Hallingstad2019-02-141-1/+1
|
* Fix method name typoValerij Fredriksen2019-01-301-1/+1
|
* Make node builderHåkon Hallingstad2019-01-281-1/+1
| | | | | | | | | While trying to add another field to Node I came upon the multitude of places the constructor is called. This is simplified by using a builder. The builder is internal to Node for now. If wanted/needed, it can be made public (especially tests may be interested - I have touched as few as possible).
* Do not provide apache httpclient and httpcore.gjoranv2019-01-211-0/+2
|
* 6-SNAPSHOT -> 7-SNAPSHOTArnstein Ressem2019-01-211-1/+1
|
* Disable TLS RSA ciphers that do not support forward secrecyBjørn Christian Seime2019-01-211-7/+0
| | | | | | This will essentially remove the temporary workaround introduced with the Jetty 9.4.12 upgrade that was done recently. JDisc will with this change only enable certificates marked as grade A by ssllabs.com
* Rename field openStackId -> idMartin Polden2019-01-022-3/+2
|
* CleanupHarald Musum2018-11-201-2/+1
|
* Log existing application infos if one is not foundHarald Musum2018-11-081-3/+5
|
* Use simpler map for modelsHarald Musum2018-11-051-7/+6
| | | | | Need to keep old constructor and make a temporary one with an ignored argument to make this work (since arguments will be equal due to type erasure)
* Fix Jetty NPEBjørn Christian Seime2018-09-131-0/+1
|
* Merge pull request #6908 from vespa-engine/bjorncs/ec-pem-supportBjørn Christian Seime2018-09-121-7/+4
|\ | | | | Bjorncs/ec pem support
| * Use KeyUtilsBjørn Christian Seime2018-09-111-7/+4
| |
* | Configure https connector using SslContextFactoryProviderBjørn Christian Seime2018-09-114-279/+206
|/
* Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.securityBjørn Christian Seime2018-09-053-8/+8
| | | | - Use replace RSA with EC in unit tests where possible
* Merge pull request #6600 from vespa-engine/bjorncs/remove-self-signed-certBjørn Christian Seime2018-08-288-483/+7
|\ | | | | Bjorncs/remove self signed cert
| * Remove old uri workaroundBjørn Christian Seime2018-08-161-1/+1
| |
| * Remove self-signed certificate from configserver truststoreBjørn Christian Seime2018-08-161-46/+6
| |
| * Remove api for issuing self-signed certificatesBjørn Christian Seime2018-08-166-436/+0
| |
* | Validate provider unique id in registerMorten Tokle2018-08-212-26/+87
| |
* | Validate refresh requestsMorten Tokle2018-08-173-19/+182
|/
* Remove 'dnsSuffix' and 'ztsEndpoint' from identity documentBjørn Christian Seime2018-08-152-5/+0
|
* Remove wrapped document structure from SignedIdentityDocumentBjørn Christian Seime2018-08-152-82/+23
|
* Revert "Bjorncs/remove wrapped identity document"Morten Tokle2018-08-073-23/+87
|
* Remove 'dnsSuffix' and 'ztsEndpoint' from identity documentBjørn Christian Seime2018-07-262-5/+0
|
* Remove wrapped document structure from SignedIdentityDocumentBjørn Christian Seime2018-07-262-82/+23
|
* Add debug logging of the instance confirmation objectBjørn Christian Seime2018-07-102-0/+2
|
* Split registration and refreshBjørn Christian Seime2018-07-103-1/+55
| | | | | | | Validation for instance register cannot be reused as the identity document is not part of the refresh request. Refresh is split into a separate validation step that is currently a no-op. This is neccessary to allow certificates to be refreshed correctly.
* Remove CA certificate from keystoreBjørn Christian Seime2018-06-211-38/+13
|