summaryrefslogtreecommitdiffstats
path: root/security-utils/src
Commit message (Expand)AuthorAgeFilesLines
* Convert security-utils to junit5Bjørn Christian Seime2022-07-2718-143/+153
* Force caller to handle failed capability verification checkBjørn Christian Seime2022-07-213-18/+35
* Improve error messageBjørn Christian Seime2022-07-212-2/+2
* Move logic for capability checking/logging to ConnectionAuthContextBjørn Christian Seime2022-07-214-9/+122
* Use getSubjectCommonName()Bjørn Christian Seime2022-07-211-7/+1
* Get ConnectionAuthContext from SSL session after handshake is completeBjørn Christian Seime2022-07-213-28/+67
* Include client certificate chain even when authorization is disabledBjørn Christian Seime2022-07-203-4/+11
* Implement RequireCapabilitiesFilter in jrt + miscBjørn Christian Seime2022-07-203-8/+9
* Add to-string helper to ConnectionAuthContextBjørn Christian Seime2022-07-201-1/+38
* Simplify type definition for subject alternative namesBjørn Christian Seime2022-07-207-24/+24
* Add 'X509CertificateUtils.getSubjectCommonName()'Bjørn Christian Seime2022-07-201-1/+7
* Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'Bjørn Christian Seime2022-07-2012-30/+16
* Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls'Bjørn Christian Seime2022-07-2027-95/+37
* Remove empty packageBjørn Christian Seime2022-07-201-8/+0
* Add 'CapabilitySet.has()' methodsBjørn Christian Seime2022-07-201-0/+3
* Add environment variable for capabilities enforcement modeBjørn Christian Seime2022-07-202-0/+33
* Rename method/variable names to match new class nameBjørn Christian Seime2022-07-191-1/+1
* Include mode in log messageBjørn Christian Seime2022-07-151-3/+4
* Rename 'toCapabilityNames()' to 'toNames()'Bjørn Christian Seime2022-07-153-3/+3
* Always run PeerAutorizerBjørn Christian Seime2022-07-159-45/+44
* Rename 'hasAllCapabilities()' => 'hasAll()'Bjørn Christian Seime2022-07-152-2/+2
* Change type from SortedSet to SetBjørn Christian Seime2022-07-152-7/+4
* Rename 'succeeded' => 'authorized'Bjørn Christian Seime2022-07-153-4/+4
* Include full certificate chain in auth contextBjørn Christian Seime2022-07-153-15/+26
* Return granted capabilities from PeerAuthorizerBjørn Christian Seime2022-07-156-59/+79
* Add Capability and CapabilitySet including JSON serializationBjørn Christian Seime2022-07-138-6/+182
* Convert POJOs to recordBjørn Christian Seime2022-07-132-79/+9
* Remove 'role' concept from 'authorized-peers'Bjørn Christian Seime2022-07-1111-122/+25
* Add NTokenGeneratorHåkon Hallingstad2022-03-161-0/+8
* Avoid hamcrest/deprecated assertThat.Henning Baldersheim2021-12-203-20/+15
* Disable '?' as single char wildcard for URI matchingBjørn Christian Seime2021-12-095-7/+9
* Fix copyright and trailing new lineBjørn Christian Seime2021-12-032-4/+5
* Support glob pattern for URIs with '/' as boundaryBjørn Christian Seime2021-12-024-19/+49
* Add glob pattern helper that handles multiple alternative boundariesBjørn Christian Seime2021-12-023-35/+195
* Ensure consistent iteration orderingBjørn Christian Seime2021-12-021-2/+2
* Disable ciphers that are only supported by some JDK-11 versionsBjørn Christian Seime2021-11-091-4/+5
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
* Update 2019 Oath copyrights.gjoranv2021-10-2713-13/+13
* Update Verizon Media copyright notices.gjoranv2021-10-073-3/+3
* Update 2018 copyright notices.gjoranv2021-10-0753-53/+53
* Read certificate fingerprintMorten Tokle2021-09-221-0/+15
* Revert "Revert mortent/cfg operator cert"Morten Tokle2021-05-281-0/+17
* Revert "Add top-level object, simplify tests"Morten Tokle2021-05-251-17/+0
* Add top-level object, simplify testsMorten Tokle2021-05-251-0/+17
* Remove com.yahoo.vespa.jdk8compatBjørn Christian Seime2021-03-1015-104/+31
* Make TLS protocol version configurable in TLS config fileBjørn Christian Seime2021-02-248-11/+49
* Disable TLSV1.3Bjørn Christian Seime2021-02-241-1/+2
* Allow TLSv1.3Bjørn Christian Seime2021-02-181-1/+1
* Use singleton already present.Henning Baldersheim2021-01-281-4/+0
* Use a single, shared TlsContext instanceBjørn Christian Seime2021-01-142-18/+31