aboutsummaryrefslogtreecommitdiffstats
path: root/jdisc-security-filters
Commit message (Collapse)AuthorAgeFilesLines
* GC deprecated junit assertThat.Henning Baldersheim2021-12-213-29/+23
|
* Make DiscFilterResponse concrete and remove package-private sub-classBjørn Christian Seime2021-12-031-24/+2
| | | | | Make DiscFilterResponse opereate directly on a jdisc-core Response instance. Reduce use of jdisc-core types from its public API.
* Reapply "Remove Servlet integration from container-core [run-systemtest]""Bjørn Christian Seime2021-12-031-2/+2
|
* Revert "Remove Servlet integration from container-core [run-systemtest]"Jon Marius Venstad2021-12-031-2/+2
|
* Remove Servlet integration from container-coreBjørn Christian Seime2021-12-021-2/+2
|
* Support custom JSON + error code as stringBjørn Christian Seime2021-11-161-18/+41
|
* Update 2020 Oath copyrights.gjoranv2021-10-272-2/+2
|
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update Verizon Media copyright notices.gjoranv2021-10-074-4/+4
|
* Update 2018 copyright notices.gjoranv2021-10-0727-27/+27
|
* Update 2017 copyright notices.gjoranv2021-10-071-1/+1
|
* Revert "Add commons-codec dependency"Harald Musum2021-07-051-8/+0
|
* Add commons-codec dependencyValerij Fredriksen2021-07-051-0/+8
|
* Remove null dimension valuesMorten Tokle2021-06-111-0/+2
|
* Add request and acl mapping values as metric dimensionsMorten Tokle2021-06-113-18/+76
|
* Return request origin when wildcard is allowedValerij Fredriksen2021-05-112-15/+8
|
* Remove corse filter base class that is no longer relevantBjørn Christian Seime2021-05-072-101/+0
|
* Allow wildcard in allowedUrls for CorsPreflightRequestFilterValerij Fredriksen2021-05-062-2/+13
|
* Custom acl mappingMorten Tokle2021-04-152-1/+9
|
* Test that access token is ignored when client has role certificateBjørn Christian Seime2021-03-021-0/+14
|
* Ignore access token header if client has Athenz role certificateBjørn Christian Seime2021-03-021-8/+36
|
* Test dryrunBjørn Christian Seime2021-02-231-0/+15
|
* Add configurable response headers for blocked requestsBjørn Christian Seime2021-02-233-7/+72
|
* Merge pull request #16556 from vespa-engine/mortent/block-feed-global-configMorten Tokle2021-02-181-6/+0
|\ | | | | Config for blocking feed to global endpoints
| * Config for blocking feed to global endpointsMorten Tokle2021-02-171-6/+0
| |
* | Add rule based request filterBjørn Christian Seime2021-02-173-1/+308
|/
* Add default ruleBjørn Christian Seime2021-02-161-2/+5
|
* Add config definition for rule based security filterBjørn Christian Seime2021-02-162-0/+21
|
* Athenz jdisc filter: support proxied access token from trusted peerBjørn Christian Seime2021-02-113-16/+117
|
* Ignore null headerMartin Polden2021-02-101-1/+1
|
* Add CORS filtersValerij Fredriksen2021-01-253-19/+12
|
* Create default connector request chainMorten Tokle2020-11-232-0/+87
|
* Allow no argument to install_config_definitionsHarald Musum2020-09-121-1/+1
| | | | | Use src/main/resources/configdefinitions as default when no argument is given
* Use full name in config definition file namesHarald Musum2020-09-105-1/+1
|
* LogLevel.DEBUG -> Level.FINEgjoranv2020-04-252-5/+5
|
* Import java.util.logging.Level instead of com.yahoo.log.LogLevelgjoranv2020-04-252-2/+2
|
* Expose metrics from filterMorten Tokle2020-03-192-4/+97
|
* Merge pull request #12466 from vespa-engine/bjorncs/improve-error-messageBjørn Christian Seime2020-03-102-1/+31
|\ | | | | Improve error message on when all allowed credentials are missing
| * Improve error message on when all allowed credentials are missingBjørn Christian Seime2020-03-052-1/+31
| |
* | Add expiry timeMorten Tokle2020-03-061-1/+3
|/
* Close executor on deconstructionJon Marius Venstad2020-02-271-1/+2
|
* Add public modifier to constructor and filter()Bjørn Christian Seime2020-01-311-4/+4
|
* Rewrite AthenzAuthorizationFilter to accept access tokensBjørn Christian Seime2020-01-303-124/+266
| | | | | | Change athenz-authorization-filter.def to have an enum set of enabled credentials. Delegate to ZPE to determine if a certificate is an Athenz role or identity certificate. Introduce various request attributes to propagate result from ZPE.
* Add debug logging of error responsesBjørn Christian Seime2020-01-291-2/+7
|
* Add toString() to ResourceNameAndActionBjørn Christian Seime2020-01-291-0/+8
|
* Add checkAccessAllowed method that consumes access token + certificateBjørn Christian Seime2020-01-241-0/+11
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-242-7/+10
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Revert "Bjorncs/update zpe"Harald Musum2020-01-242-10/+7
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-242-7/+10
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Install more config definition files.Tor Egge2019-11-291-1/+1
|