Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Expose metrics from filter | Morten Tokle | 2020-03-19 | 2 | -4/+97 |
| | |||||
* | Merge pull request #12466 from vespa-engine/bjorncs/improve-error-message | Bjørn Christian Seime | 2020-03-10 | 2 | -1/+31 |
|\ | | | | | Improve error message on when all allowed credentials are missing | ||||
| * | Improve error message on when all allowed credentials are missing | Bjørn Christian Seime | 2020-03-05 | 2 | -1/+31 |
| | | |||||
* | | Add expiry time | Morten Tokle | 2020-03-06 | 1 | -1/+3 |
|/ | |||||
* | Close executor on deconstruction | Jon Marius Venstad | 2020-02-27 | 1 | -1/+2 |
| | |||||
* | Add public modifier to constructor and filter() | Bjørn Christian Seime | 2020-01-31 | 1 | -4/+4 |
| | |||||
* | Rewrite AthenzAuthorizationFilter to accept access tokens | Bjørn Christian Seime | 2020-01-30 | 3 | -124/+266 |
| | | | | | | Change athenz-authorization-filter.def to have an enum set of enabled credentials. Delegate to ZPE to determine if a certificate is an Athenz role or identity certificate. Introduce various request attributes to propagate result from ZPE. | ||||
* | Add debug logging of error responses | Bjørn Christian Seime | 2020-01-29 | 1 | -2/+7 |
| | |||||
* | Add toString() to ResourceNameAndAction | Bjørn Christian Seime | 2020-01-29 | 1 | -0/+8 |
| | |||||
* | Add checkAccessAllowed method that consumes access token + certificate | Bjørn Christian Seime | 2020-01-24 | 1 | -0/+11 |
| | |||||
* | Return the matched role in checkAccessAllowed methods | Bjørn Christian Seime | 2020-01-24 | 2 | -7/+10 |
| | | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter. | ||||
* | Revert "Bjorncs/update zpe" | Harald Musum | 2020-01-24 | 2 | -10/+7 |
| | |||||
* | Return the matched role in checkAccessAllowed methods | Bjørn Christian Seime | 2020-01-24 | 2 | -7/+10 |
| | | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter. | ||||
* | Install more config definition files. | Tor Egge | 2019-11-29 | 1 | -1/+1 |
| | |||||
* | Remove unneeded install of java artifact dependencies. | Tor Egge | 2019-11-18 | 1 | -1/+0 |
| | |||||
* | Remove NToken support from AthenzPrincipalFilter | Bjørn Christian Seime | 2019-09-11 | 3 | -131/+14 |
| | |||||
* | Move BlockingRequestFilter to jdisc-security-filters | Bjørn Christian Seime | 2019-05-09 | 1 | -0/+18 |
| | |||||
* | Move LocalhostFilter and NoopFilter to jdisc-security-filters | Bjørn Christian Seime | 2019-05-09 | 3 | -0/+113 |
| | |||||
* | Add test for SignatureFilter | Jon Marius Venstad | 2019-05-02 | 1 | -1/+1 |
| | |||||
* | Let AthenzPrincipalFilter inherit JSRFB directly | Jon Marius Venstad | 2019-05-02 | 2 | -16/+6 |
| | |||||
* | Use roles for authorization | Martin Polden | 2019-03-22 | 1 | -5/+0 |
| | |||||
* | Revert "Merge pull request #8370 from ↵ | Jon Bratseth | 2019-02-04 | 1 | -1/+1 |
| | | | | | | | vespa-engine/revert-8308-bratseth/disallow-dash-rebased" This reverts commit 43cf4fd1ec196cb0543af73db8e3bd1f6774f0a8, reversing changes made to 14172aa5cd890445980202909d1277429e4c5a3a. | ||||
* | Revert "Bratseth/disallow dash rebased" | Jon Bratseth | 2019-02-04 | 1 | -1/+1 |
| | |||||
* | Nonfunctional changes only | Jon Bratseth | 2019-01-31 | 1 | -1/+1 |
| | |||||
* | 6-SNAPSHOT -> 7-SNAPSHOT | Arnstein Ressem | 2019-01-21 | 1 | -2/+2 |
| | |||||
* | Revert "Bratseth/disallow dash " | Jon Bratseth | 2019-01-16 | 1 | -1/+1 |
| | |||||
* | Nonfunctional changes only | Jon Bratseth | 2019-01-10 | 1 | -1/+1 |
| | |||||
* | Allow okta headers | Morten Tokle | 2018-10-22 | 1 | -4/+1 |
| | |||||
* | Add passthrough mode to AthenzPrincipalFilter | Bjørn Christian Seime | 2018-10-04 | 3 | -17/+66 |
| | | | | | | - No http response when passthrough mode is enable - Introduce attributes for error code and message - Introduce attribute for AthenzPrincipal instance | ||||
* | Add copyright header | Jon Bratseth | 2018-10-01 | 2 | -2/+4 |
| | |||||
* | Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.security | Bjørn Christian Seime | 2018-09-05 | 1 | -6/+8 |
| | | | | - Use replace RSA with EC in unit tests where possible | ||||
* | Move AthenzPrincipalFilter to jdisc-security-filters | Bjørn Christian Seime | 2018-07-26 | 3 | -0/+303 |
| | |||||
* | Fix typo | Bjørn Christian Seime | 2018-06-21 | 1 | -1/+1 |
| | |||||
* | Rename 'AccessCheckResult' -> 'AuthorizationResult' | Bjørn Christian Seime | 2018-06-21 | 2 | -15/+15 |
| | |||||
* | Disable client caching of error responses | Bjørn Christian Seime | 2018-06-20 | 1 | -0/+1 |
| | |||||
* | Correct unintentional method name | Bjørn Christian Seime | 2018-06-20 | 3 | -3/+3 |
| | |||||
* | Add new Athenz security filter based on ZPE | Bjørn Christian Seime | 2018-06-20 | 8 | -0/+349 |
| | | | | | - Allow flexible configuration of filter using a resource mapper - Add helper class to extract role and identity from role certificates | ||||
* | Add X-Content-Type-Options header | Morten Tokle | 2018-06-13 | 1 | -0/+1 |
| | |||||
* | Add jdisc filter that adds recommened security-related response headers | Bjørn Christian Seime | 2018-06-05 | 2 | -0/+29 |
| | |||||
* | Make CorsRequestFilterBase extend JsonSecurityRequestFilterBase | Bjørn Christian Seime | 2018-04-24 | 2 | -44/+9 |
| | |||||
* | Add base class for security filters rendering errors as json | Bjørn Christian Seime | 2018-04-24 | 3 | -0/+151 |
| | |||||
* | Change package name and class name of Cors filters | Bjørn Christian Seime | 2018-04-09 | 10 | -43/+40 |
| | | | | | * Change package name to 'com.yahoo.jdisc.filter.security.cors' * Remove 'Security' from names of Cors class names | ||||
* | Make jdisc-security-filters a pre-install requirement of jdisc | Bjørn Christian Seime | 2018-04-09 | 1 | -0/+5 |
| | |||||
* | Add readme to jdisc-security-filters | Bjørn Christian Seime | 2018-04-09 | 1 | -0/+4 |
| | |||||
* | Add new module jdisc-security-filters | Bjørn Christian Seime | 2018-04-09 | 11 | -0/+559 |
* Add new base class for security filters supporting CORS headers * Add CORS response filter and preflight request filter |