aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main/java/com/yahoo/jdisc
Commit message (Collapse)AuthorAgeFilesLines
* Update copyrightJon Bratseth2023-10-0928-33/+33
|
* Group fingerprints by token idjonmv2023-09-281-6/+26
|
* Use switch expressionsjonmv2023-09-281-0/+3
|
* Address reviewjonmv2023-09-281-1/+2
|
* Set up token-tell-handler with data-plane token filterjonmv2023-09-281-0/+31
|
* Allow empty clientsMorten Tokle2023-09-211-1/+0
|
* Misc improvements to `CloudDataPlaneFilter(Test)`Bjørn Christian Seime2023-07-193-12/+9
|
* Split token authz into dedicated filter `CloudTokenDataPlaneFilter`Bjørn Christian Seime2023-07-194-163/+266
|
* Don't ignore expired tokens while processing configBjørn Christian Seime2023-07-171-6/+1
|
* Add expiration concept to data plane tokensBjørn Christian Seime2023-07-121-9/+25
|
* Fail if PEM does not contain any certificate entriesBjørn Christian Seime2023-06-191-0/+2
|
* Split each certificate into separate config entriesBjørn Christian Seime2023-06-191-2/+2
|
* Simplify token API by using fixed context for fingerprintsTor Brede Vekterli2023-06-151-1/+1
| | | | | | | | | | Fingerprints are now always derived using the a fixed context of `Vespa token fingerprint`. Enforcement has been added that a `TokenDomain` cannot be initialized with a context equal to the fingerprint context. This changes the fingerprint outputs from their previous values, but that's fine since they are not yet in use anywhere.
* Misc improvementsBjørn Christian Seime2023-06-151-11/+18
| | | | | | | Remove duplicate unit tests. Improve symbol names. Use `Map` to simplify code and reduce cost. Introduce constant for the number of bytes in token check hash. Improve code comments.
* Improve validation of configBjørn Christian Seime2023-06-151-1/+13
| | | | Verify that at least one client definition requires certificate. Add note on legacy mode.
* Support tokens in Cloud data plane filterBjørn Christian Seime2023-06-141-16/+89
|
* Allow subdomains in CORS filtersValerij Fredriksen2023-06-063-21/+45
|
* Move metrics definitions to metrics:ai.vespa.metricsgjoranv2023-05-082-3/+3
|
* Use enums for remaining container metrics.yngveaasheim2023-03-151-2/+3
|
* Use ContainerMetrics enum more placesYngve Aasheim2023-01-201-2/+3
|
* Revert "Revert collect(Collectors.toList())"Henning Baldersheim2022-12-042-2/+2
|
* Revert collect(Collectors.toList())Henning Baldersheim2022-12-042-2/+2
|
* collect(Collectors.toList()) -> toList()Henning Baldersheim2022-12-022-2/+2
|
* Move config to configdefinitionsMorten Tokle2022-11-221-0/+1
|
* Introduce Cloud data plane security filterBjørn Christian Seime2022-11-222-0/+153
|
* Cleanup RequestResourceMapper APIBjørn Christian Seime2022-11-152-9/+3
|
* remove obsolete codeMorten Tokle2022-11-112-25/+6
|
* Revert "remove obsolete code"Henning Baldersheim2022-11-102-6/+25
|
* remove obsolete codeMorten Tokle2022-11-102-25/+6
|
* Prevent browser API cachingMorten Tokle2022-10-252-2/+1
|
* Prevent browsers caching api responsesMorten Tokle2022-10-241-0/+1
|
* Allow 'Vespa-Csrf-Token' headerBjørn Christian Seime2022-09-261-1/+2
|
* compare oranges with orangesAndreas Eriksen2022-08-171-1/+1
|
* Add Referrer-Policy headerMorten Tokle2022-08-011-0/+1
|
* Move rule-based-filter config to configdefinitions module/bundlegjoranv2022-07-272-9/+2
| | | | | | | .. to remove import-package from config-model to jdisc-security-filters. - Keep the old config def for a while in case it's needed by hosted Vespa config models.
* Add x-frame-optionsMorten Tokle2022-06-281-0/+1
|
* Fix javadocValerij Fredriksen2022-06-271-2/+2
|
* Create CSP response filterValerij Fredriksen2022-06-272-0/+37
|
* Use '@Inject' from 'annotations' in multiple bundlesBjørn Christian Seime2022-05-066-6/+6
|
* Move User from controller-api to jdisc-security-filtersBjørn Christian Seime2022-04-272-0/+103
|
* Add comment about why there is no path segment validation in rule filterjonmv2022-04-111-0/+2
|
* Only create Path if there are any patterns to match againstjonmv2022-04-111-2/+1
|
* Avoid segment validation in rule based filterjonmv2022-04-111-1/+1
|
* Support custom JSON + error code as stringBjørn Christian Seime2021-11-161-18/+41
|
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update Verizon Media copyright notices.gjoranv2021-10-072-2/+2
|
* Update 2018 copyright notices.gjoranv2021-10-0715-15/+15
|
* Remove null dimension valuesMorten Tokle2021-06-111-0/+2
|
* Add request and acl mapping values as metric dimensionsMorten Tokle2021-06-112-17/+73
|