summaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main/java
Commit message (Collapse)AuthorAgeFilesLines
* compare oranges with orangesAndreas Eriksen2022-08-171-1/+1
|
* Add Referrer-Policy headerMorten Tokle2022-08-011-0/+1
|
* Move rule-based-filter config to configdefinitions module/bundlegjoranv2022-07-272-9/+2
| | | | | | | .. to remove import-package from config-model to jdisc-security-filters. - Keep the old config def for a while in case it's needed by hosted Vespa config models.
* Add x-frame-optionsMorten Tokle2022-06-281-0/+1
|
* Fix javadocValerij Fredriksen2022-06-271-2/+2
|
* Create CSP response filterValerij Fredriksen2022-06-272-0/+37
|
* Use '@Inject' from 'annotations' in multiple bundlesBjørn Christian Seime2022-05-066-6/+6
|
* Move User from controller-api to jdisc-security-filtersBjørn Christian Seime2022-04-272-0/+103
|
* Add comment about why there is no path segment validation in rule filterjonmv2022-04-111-0/+2
|
* Only create Path if there are any patterns to match againstjonmv2022-04-111-2/+1
|
* Avoid segment validation in rule based filterjonmv2022-04-111-1/+1
|
* Support custom JSON + error code as stringBjørn Christian Seime2021-11-161-18/+41
|
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update Verizon Media copyright notices.gjoranv2021-10-072-2/+2
|
* Update 2018 copyright notices.gjoranv2021-10-0715-15/+15
|
* Remove null dimension valuesMorten Tokle2021-06-111-0/+2
|
* Add request and acl mapping values as metric dimensionsMorten Tokle2021-06-112-17/+73
|
* Return request origin when wildcard is allowedValerij Fredriksen2021-05-111-14/+7
|
* Remove corse filter base class that is no longer relevantBjørn Christian Seime2021-05-071-41/+0
|
* Allow wildcard in allowedUrls for CorsPreflightRequestFilterValerij Fredriksen2021-05-061-1/+3
|
* Custom acl mappingMorten Tokle2021-04-152-1/+9
|
* Ignore access token header if client has Athenz role certificateBjørn Christian Seime2021-03-021-8/+36
|
* Add configurable response headers for blocked requestsBjørn Christian Seime2021-02-231-4/+13
|
* Add rule based request filterBjørn Christian Seime2021-02-171-0/+118
|
* Add config definition for rule based security filterBjørn Christian Seime2021-02-161-0/+8
|
* Athenz jdisc filter: support proxied access token from trusted peerBjørn Christian Seime2021-02-111-3/+21
|
* Ignore null headerMartin Polden2021-02-101-1/+1
|
* Add CORS filtersValerij Fredriksen2021-01-253-19/+12
|
* Create default connector request chainMorten Tokle2020-11-231-0/+21
|
* LogLevel.DEBUG -> Level.FINEgjoranv2020-04-252-5/+5
|
* Import java.util.logging.Level instead of com.yahoo.log.LogLevelgjoranv2020-04-252-2/+2
|
* Expose metrics from filterMorten Tokle2020-03-191-3/+31
|
* Improve error message on when all allowed credentials are missingBjørn Christian Seime2020-03-051-1/+21
|
* Close executor on deconstructionJon Marius Venstad2020-02-271-1/+2
|
* Add public modifier to constructor and filter()Bjørn Christian Seime2020-01-311-4/+4
|
* Rewrite AthenzAuthorizationFilter to accept access tokensBjørn Christian Seime2020-01-301-81/+118
| | | | | | Change athenz-authorization-filter.def to have an enum set of enabled credentials. Delegate to ZPE to determine if a certificate is an Athenz role or identity certificate. Introduce various request attributes to propagate result from ZPE.
* Add debug logging of error responsesBjørn Christian Seime2020-01-291-2/+7
|
* Add toString() to ResourceNameAndActionBjørn Christian Seime2020-01-291-0/+8
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-2/+3
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Revert "Bjorncs/update zpe"Harald Musum2020-01-241-3/+2
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-2/+3
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Remove NToken support from AthenzPrincipalFilterBjørn Christian Seime2019-09-111-35/+5
|
* Move BlockingRequestFilter to jdisc-security-filtersBjørn Christian Seime2019-05-091-0/+18
|
* Move LocalhostFilter and NoopFilter to jdisc-security-filtersBjørn Christian Seime2019-05-092-0/+53
|
* Add test for SignatureFilterJon Marius Venstad2019-05-021-1/+1
|
* Let AthenzPrincipalFilter inherit JSRFB directlyJon Marius Venstad2019-05-021-10/+4
|
* Use roles for authorizationMartin Polden2019-03-221-5/+0
|
* Revert "Merge pull request #8370 from ↵Jon Bratseth2019-02-041-1/+1
| | | | | | | vespa-engine/revert-8308-bratseth/disallow-dash-rebased" This reverts commit 43cf4fd1ec196cb0543af73db8e3bd1f6774f0a8, reversing changes made to 14172aa5cd890445980202909d1277429e4c5a3a.
* Revert "Bratseth/disallow dash rebased"Jon Bratseth2019-02-041-1/+1
|