Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Expose metrics from filter | Morten Tokle | 2020-03-19 | 1 | -1/+66 |
| | |||||
* | Merge pull request #12466 from vespa-engine/bjorncs/improve-error-message | Bjørn Christian Seime | 2020-03-10 | 1 | -0/+10 |
|\ | | | | | Improve error message on when all allowed credentials are missing | ||||
| * | Improve error message on when all allowed credentials are missing | Bjørn Christian Seime | 2020-03-05 | 1 | -0/+10 |
| | | |||||
* | | Add expiry time | Morten Tokle | 2020-03-06 | 1 | -1/+3 |
|/ | |||||
* | Rewrite AthenzAuthorizationFilter to accept access tokens | Bjørn Christian Seime | 2020-01-30 | 1 | -40/+145 |
| | | | | | | Change athenz-authorization-filter.def to have an enum set of enabled credentials. Delegate to ZPE to determine if a certificate is an Athenz role or identity certificate. Introduce various request attributes to propagate result from ZPE. | ||||
* | Add checkAccessAllowed method that consumes access token + certificate | Bjørn Christian Seime | 2020-01-24 | 1 | -0/+11 |
| | |||||
* | Return the matched role in checkAccessAllowed methods | Bjørn Christian Seime | 2020-01-24 | 1 | -5/+7 |
| | | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter. | ||||
* | Revert "Bjorncs/update zpe" | Harald Musum | 2020-01-24 | 1 | -7/+5 |
| | |||||
* | Return the matched role in checkAccessAllowed methods | Bjørn Christian Seime | 2020-01-24 | 1 | -5/+7 |
| | | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter. | ||||
* | Remove NToken support from AthenzPrincipalFilter | Bjørn Christian Seime | 2019-09-11 | 1 | -90/+9 |
| | |||||
* | Move LocalhostFilter and NoopFilter to jdisc-security-filters | Bjørn Christian Seime | 2019-05-09 | 1 | -0/+60 |
| | |||||
* | Let AthenzPrincipalFilter inherit JSRFB directly | Jon Marius Venstad | 2019-05-02 | 1 | -6/+2 |
| | |||||
* | Add passthrough mode to AthenzPrincipalFilter | Bjørn Christian Seime | 2018-10-04 | 1 | -12/+38 |
| | | | | | | - No http response when passthrough mode is enable - Introduce attributes for error code and message - Introduce attribute for AthenzPrincipal instance | ||||
* | Add copyright header | Jon Bratseth | 2018-10-01 | 2 | -2/+4 |
| | |||||
* | Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.security | Bjørn Christian Seime | 2018-09-05 | 1 | -6/+8 |
| | | | | - Use replace RSA with EC in unit tests where possible | ||||
* | Move AthenzPrincipalFilter to jdisc-security-filters | Bjørn Christian Seime | 2018-07-26 | 1 | -0/+200 |
| | |||||
* | Fix typo | Bjørn Christian Seime | 2018-06-21 | 1 | -1/+1 |
| | |||||
* | Rename 'AccessCheckResult' -> 'AuthorizationResult' | Bjørn Christian Seime | 2018-06-21 | 1 | -10/+10 |
| | |||||
* | Add new Athenz security filter based on ZPE | Bjørn Christian Seime | 2018-06-20 | 1 | -0/+103 |
| | | | | | - Allow flexible configuration of filter using a resource mapper - Add helper class to extract role and identity from role certificates | ||||
* | Make CorsRequestFilterBase extend JsonSecurityRequestFilterBase | Bjørn Christian Seime | 2018-04-24 | 1 | -1/+1 |
| | |||||
* | Add base class for security filters rendering errors as json | Bjørn Christian Seime | 2018-04-24 | 1 | -0/+57 |
| | |||||
* | Change package name and class name of Cors filters | Bjørn Christian Seime | 2018-04-09 | 3 | -21/+21 |
| | | | | | * Change package name to 'com.yahoo.jdisc.filter.security.cors' * Remove 'Security' from names of Cors class names | ||||
* | Add new module jdisc-security-filters | Bjørn Christian Seime | 2018-04-09 | 3 | -0/+250 |
* Add new base class for security filters supporting CORS headers * Add CORS response filter and preflight request filter |