summaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/main
Commit message (Expand)AuthorAgeFilesLines
* Prevent browser API cachingMorten Tokle2022-10-252-2/+1
* Prevent browsers caching api responsesMorten Tokle2022-10-241-0/+1
* Allow 'Vespa-Csrf-Token' headerBjørn Christian Seime2022-09-261-1/+2
* Remove old config definition that has been replaced by ...gjoranv2022-08-311-20/+0
* compare oranges with orangesAndreas Eriksen2022-08-171-1/+1
* Add Referrer-Policy headerMorten Tokle2022-08-011-0/+1
* Move rule-based-filter config to configdefinitions module/bundlegjoranv2022-07-273-9/+4
* Add x-frame-optionsMorten Tokle2022-06-281-0/+1
* Fix javadocValerij Fredriksen2022-06-271-2/+2
* Create CSP response filterValerij Fredriksen2022-06-272-0/+37
* Use '@Inject' from 'annotations' in multiple bundlesBjørn Christian Seime2022-05-066-6/+6
* Move User from controller-api to jdisc-security-filtersBjørn Christian Seime2022-04-272-0/+103
* Add comment about why there is no path segment validation in rule filterjonmv2022-04-111-0/+2
* Only create Path if there are any patterns to match againstjonmv2022-04-111-2/+1
* Avoid segment validation in rule based filterjonmv2022-04-111-1/+1
* Support custom JSON + error code as stringBjørn Christian Seime2021-11-161-18/+41
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
* Update Verizon Media copyright notices.gjoranv2021-10-073-3/+3
* Update 2018 copyright notices.gjoranv2021-10-0719-19/+19
* Remove null dimension valuesMorten Tokle2021-06-111-0/+2
* Add request and acl mapping values as metric dimensionsMorten Tokle2021-06-112-17/+73
* Return request origin when wildcard is allowedValerij Fredriksen2021-05-111-14/+7
* Remove corse filter base class that is no longer relevantBjørn Christian Seime2021-05-071-41/+0
* Allow wildcard in allowedUrls for CorsPreflightRequestFilterValerij Fredriksen2021-05-061-1/+3
* Custom acl mappingMorten Tokle2021-04-152-1/+9
* Ignore access token header if client has Athenz role certificateBjørn Christian Seime2021-03-021-8/+36
* Add configurable response headers for blocked requestsBjørn Christian Seime2021-02-232-6/+17
* Add rule based request filterBjørn Christian Seime2021-02-171-0/+118
* Add default ruleBjørn Christian Seime2021-02-161-2/+5
* Add config definition for rule based security filterBjørn Christian Seime2021-02-162-0/+21
* Athenz jdisc filter: support proxied access token from trusted peerBjørn Christian Seime2021-02-112-3/+24
* Ignore null headerMartin Polden2021-02-101-1/+1
* Add CORS filtersValerij Fredriksen2021-01-253-19/+12
* Create default connector request chainMorten Tokle2020-11-231-0/+21
* Use full name in config definition file namesHarald Musum2020-09-104-0/+0
* LogLevel.DEBUG -> Level.FINEgjoranv2020-04-252-5/+5
* Import java.util.logging.Level instead of com.yahoo.log.LogLevelgjoranv2020-04-252-2/+2
* Expose metrics from filterMorten Tokle2020-03-191-3/+31
* Improve error message on when all allowed credentials are missingBjørn Christian Seime2020-03-051-1/+21
* Close executor on deconstructionJon Marius Venstad2020-02-271-1/+2
* Add public modifier to constructor and filter()Bjørn Christian Seime2020-01-311-4/+4
* Rewrite AthenzAuthorizationFilter to accept access tokensBjørn Christian Seime2020-01-302-84/+121
* Add debug logging of error responsesBjørn Christian Seime2020-01-291-2/+7
* Add toString() to ResourceNameAndActionBjørn Christian Seime2020-01-291-0/+8
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-2/+3
* Revert "Bjorncs/update zpe"Harald Musum2020-01-241-3/+2
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-2/+3
* Remove NToken support from AthenzPrincipalFilterBjørn Christian Seime2019-09-112-41/+5
* Move BlockingRequestFilter to jdisc-security-filtersBjørn Christian Seime2019-05-091-0/+18