Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| * | | Don't unwrap parameters as separate fields | Bjørn Christian Seime | 2018-03-07 | 1 | -15/+6 | |
| | | | ||||||
| * | | ZTS server endpoint is zone specific | Bjørn Christian Seime | 2018-03-07 | 5 | -8/+5 | |
| | | | ||||||
| * | | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-07 | 5 | -38/+19 | |
| |/ | ||||||
* / | Respond with HTTP-400 when source IP does not match common name | Valerij Fredriksen | 2018-03-07 | 1 | -0/+4 | |
|/ | ||||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Håkon Hallingstad | 2018-03-03 | 5 | -19/+38 | |
| | ||||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-03-02 | 5 | -38/+19 | |
| | ||||||
* | Don't fail on keystore on disk read/write | Bjørn Christian Seime | 2018-03-01 | 2 | -9/+10 | |
| | | | | Also rename getKeystoreExpiry to getCertificateExpiry | |||||
* | Cache Athenz certificate to disk. Prefer disk on load. | Bjørn Christian Seime | 2018-03-01 | 3 | -32/+83 | |
| | | | | | Do not include expiry to Athenz request as they are default 30 days anyways. | |||||
* | Revert "Rewrite server TLS init to use bootstrap identity and allow AWS" | Harald Musum | 2018-02-28 | 5 | -32/+52 | |
| | ||||||
* | Rewrite server TLS init to use bootstrap identity and allow AWS | Bjørn Christian Seime | 2018-02-28 | 5 | -52/+32 | |
| | ||||||
* | Use Ckms instead of SecretStore in athenz-identity-provider-service | Bjørn Christian Seime | 2018-02-22 | 1 | -9/+10 | |
| | ||||||
* | move identityprovider package to vespa-athenz | Morten Tokle | 2018-02-22 | 13 | -1077/+0 | |
| | ||||||
* | Add zts client dep | Morten Tokle | 2018-02-22 | 1 | -0/+24 | |
| | ||||||
* | Add bouncycastle compile scope dep | Morten Tokle | 2018-02-21 | 1 | -0/+10 | |
| | ||||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-21 | 14 | -73/+1091 | |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | |||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 14 | -1101/+73 | |
| | ||||||
* | Add bouncycastle compile scope dep | Morten Tokle | 2018-02-20 | 1 | -0/+10 | |
| | ||||||
* | Revert "Merge pull request #5072 from vespa-engine/revert-4984-mortent/ckms" | Morten Tokle | 2018-02-20 | 14 | -73/+1091 | |
| | | | | | This reverts commit 6d7b65adfcd1e918da8173dab25bf701074f3cdc, reversing changes made to 2ecdfefd5616743f62691f64a517ab787d6f0c10. | |||||
* | Revert "Refactor identityprovider. Add SiaIdentityProvider" | Morten Tokle | 2018-02-20 | 14 | -1091/+73 | |
| | ||||||
* | Merge branch 'master' into mortent/ckms | Morten Tokle | 2018-02-20 | 1 | -1/+2 | |
|\ | ||||||
* | | Move identity provider to athenz-identity-provider-service module | Morten Tokle | 2018-02-16 | 14 | -73/+1090 | |
|/ | ||||||
* | Report config server cert expiry metrics | Valerij Fredriksen | 2018-02-06 | 3 | -9/+99 | |
| | ||||||
* | Implement /refresh endpoint for indetity provider | Valerij Fredriksen | 2018-01-31 | 1 | -1/+1 | |
| | ||||||
* | Add copyright headers | Jon Bratseth | 2018-01-25 | 5 | -0/+5 | |
| | ||||||
* | Revert "Use hostname if loadBalancerAddress is not set" | Valerij Fredriksen | 2018-01-22 | 1 | -4/+1 | |
| | ||||||
* | Use hostname if loadBalancerAddress is not set | Bjørn Christian Seime | 2018-01-16 | 1 | -1/+4 | |
| | ||||||
* | Use ContentSigner with BouncyCastle provider | Bjørn Christian Seime | 2018-01-16 | 1 | -1/+3 | |
| | ||||||
* | Manually resolve remote | Valerij Fredriksen | 2018-01-04 | 1 | -1/+10 | |
| | ||||||
* | Remove unnecessary use of AtomicReference | Bjørn Christian Seime | 2017-12-06 | 1 | -4/+4 | |
| | ||||||
* | Retrieve initial certificate in constructor for fail-fast semantics | Bjørn Christian Seime | 2017-12-06 | 1 | -19/+41 | |
| | ||||||
* | Don't warn when actual expiry is longer than expected | Bjørn Christian Seime | 2017-12-06 | 1 | -7/+5 | |
| | ||||||
* | Match issuer name defined in self-signed cert in trust store | Bjørn Christian Seime | 2017-12-06 | 1 | -5/+8 | |
| | ||||||
* | Merge pull request #4354 from vespa-engine/bjorncs/athenz-ca-in-truststore | Bjørn Christian Seime | 2017-12-05 | 3 | -3/+9 | |
|\ | | | | | Load Athenz CA certificates to JDisc truststore | |||||
| * | Load Athenz CA certificates to JDisc truststore | Bjørn Christian Seime | 2017-12-05 | 3 | -3/+9 | |
| | | ||||||
* | | Enable Athenz TLS certificate for main | Bjørn Christian Seime | 2017-12-05 | 1 | -7/+0 | |
|/ | ||||||
* | Add trust store configurator with config server's CA cert | Bjørn Christian Seime | 2017-12-05 | 3 | -1/+115 | |
| | ||||||
* | Revert "Add trust store configurator with config server's CA cert" | Arnstein Ressem | 2017-12-05 | 3 | -115/+1 | |
| | ||||||
* | Use Extension.basicConstraints instead of cryptic string id | Bjørn Christian Seime | 2017-12-04 | 1 | -2/+1 | |
| | ||||||
* | Add trust store configurator with config server's CA cert | Bjørn Christian Seime | 2017-12-04 | 3 | -1/+116 | |
| | ||||||
* | Split parent + container-dependency-versions from root pom. | gjoranv | 2017-12-01 | 1 | -0/+1 | |
| | | | | | | - Add missing dependencies so that all provided non-yahoo jars are listed in container-dependency-versions. - Add relativePath for all child poms of parent. | |||||
* | Revert "Gjoranv/split parent2" | gjoranv | 2017-11-30 | 1 | -1/+0 | |
| | ||||||
* | Split parent + container-dependency-versions from root pom. | gjoranv | 2017-11-30 | 1 | -0/+1 | |
| | | | | | | - Add missing dependencies so that all provided non-yahoo jars are listed in container-dependency-versions. - Add relativePath for all child poms of parent. | |||||
* | Revert "Gjoranv/split parent" | gjoranv | 2017-11-29 | 1 | -1/+0 | |
| | ||||||
* | Split parent + container-dependency-versions from root pom. | gjoranv | 2017-11-29 | 1 | -0/+1 | |
| | | | | | | - Add missing dependencies so that all provided non-yahoo jars are listed in container-dependency-versions. - Add relativePath for all child poms of parent. | |||||
* | Add JavaTimeModule to Jersey. Exclude Jackson from athenz bundle | Bjørn Christian Seime | 2017-11-22 | 1 | -5/+26 | |
| | ||||||
* | Add unit test for CsrSerializedPayload deserialization | Bjørn Christian Seime | 2017-11-22 | 1 | -0/+32 | |
| | ||||||
* | Move model types to same package as certificate signer resource | Bjørn Christian Seime | 2017-11-22 | 3 | -4/+2 | |
| | ||||||
* | Don't inject config instances into jax-rs resources | Bjørn Christian Seime | 2017-11-21 | 7 | -43/+31 | |
| | | | | | Injection of config instances is not suppored for jax-rs resources. All dependencies of resources must be components. | |||||
* | Fix typo | Bjørn Christian Seime | 2017-11-17 | 2 | -2/+2 | |
| | ||||||
* | Cleanup logging in IdentityDocumentResource | Bjørn Christian Seime | 2017-11-17 | 1 | -2/+1 | |
| |