aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters/src/test
Commit message (Collapse)AuthorAgeFilesLines
* Expose metrics from filterMorten Tokle2020-03-191-1/+66
|
* Merge pull request #12466 from vespa-engine/bjorncs/improve-error-messageBjørn Christian Seime2020-03-101-0/+10
|\ | | | | Improve error message on when all allowed credentials are missing
| * Improve error message on when all allowed credentials are missingBjørn Christian Seime2020-03-051-0/+10
| |
* | Add expiry timeMorten Tokle2020-03-061-1/+3
|/
* Rewrite AthenzAuthorizationFilter to accept access tokensBjørn Christian Seime2020-01-301-40/+145
| | | | | | Change athenz-authorization-filter.def to have an enum set of enabled credentials. Delegate to ZPE to determine if a certificate is an Athenz role or identity certificate. Introduce various request attributes to propagate result from ZPE.
* Add checkAccessAllowed method that consumes access token + certificateBjørn Christian Seime2020-01-241-0/+11
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-5/+7
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Revert "Bjorncs/update zpe"Harald Musum2020-01-241-7/+5
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-241-5/+7
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Remove NToken support from AthenzPrincipalFilterBjørn Christian Seime2019-09-111-90/+9
|
* Move LocalhostFilter and NoopFilter to jdisc-security-filtersBjørn Christian Seime2019-05-091-0/+60
|
* Let AthenzPrincipalFilter inherit JSRFB directlyJon Marius Venstad2019-05-021-6/+2
|
* Add passthrough mode to AthenzPrincipalFilterBjørn Christian Seime2018-10-041-12/+38
| | | | | | - No http response when passthrough mode is enable - Introduce attributes for error code and message - Introduce attribute for AthenzPrincipal instance
* Add copyright headerJon Bratseth2018-10-012-2/+4
|
* Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.securityBjørn Christian Seime2018-09-051-6/+8
| | | | - Use replace RSA with EC in unit tests where possible
* Move AthenzPrincipalFilter to jdisc-security-filtersBjørn Christian Seime2018-07-261-0/+200
|
* Fix typoBjørn Christian Seime2018-06-211-1/+1
|
* Rename 'AccessCheckResult' -> 'AuthorizationResult'Bjørn Christian Seime2018-06-211-10/+10
|
* Add new Athenz security filter based on ZPEBjørn Christian Seime2018-06-201-0/+103
| | | | | - Allow flexible configuration of filter using a resource mapper - Add helper class to extract role and identity from role certificates
* Make CorsRequestFilterBase extend JsonSecurityRequestFilterBaseBjørn Christian Seime2018-04-241-1/+1
|
* Add base class for security filters rendering errors as jsonBjørn Christian Seime2018-04-241-0/+57
|
* Change package name and class name of Cors filtersBjørn Christian Seime2018-04-093-21/+21
| | | | | * Change package name to 'com.yahoo.jdisc.filter.security.cors' * Remove 'Security' from names of Cors class names
* Add new module jdisc-security-filtersBjørn Christian Seime2018-04-093-0/+250
* Add new base class for security filters supporting CORS headers * Add CORS response filter and preflight request filter