kubernetes

Author	SHA1	Message	Date
Jordan Liggitt	e024e55e8e	Add verb to authorizer attributes	2015-10-01 23:54:02 -04:00
deads2k	8db054651c	plumb APIGroup to authorization attributes and test	2015-09-30 09:45:10 -04:00
Wojciech Tyczynski	53ae56f205	Replace "minion" with "node" in bunch of places.	2015-09-14 11:07:11 +02:00
Ruddarraju, Uday Kumar Raju	f8d6f13f7c	Union of authorizers	2015-09-04 11:04:50 -07:00
Jordan Liggitt	848ec0491e	fix ABAC tests	2015-08-10 16:07:08 -04:00
Marek Grabowski	5f9cefc1d8	Merge pull request #12441 from vlajos/typofixes-vlajos-20150807 typofix - https://github.com/vlajos/misspell_fixer	2015-08-10 16:33:52 +02:00
xiejunan	8d99ba94c8	modify example and doc for ABAC authorization	2015-08-10 18:46:13 +08:00
Veres Lajos	9f77e49109	typofix - https://github.com/vlajos/misspell_fixer	2015-08-08 22:31:48 +01:00
Mike Danese	17defc7383	run gofmt on everything we touched	2015-08-05 17:52:56 -07:00
Mike Danese	8e33cbfa28	rewrite go imports	2015-08-05 17:30:03 -07:00
Jordan Liggitt	92bd58ede6	ServiceAccount e2e/integration tests	2015-05-11 17:18:06 -04:00
Eric Paris	6b3a6e6b98	Make copyright ownership statement generic Instead of saying "Google Inc." (which is not always correct) say "The Kubernetes Authors", which is generic.	2015-05-01 17:49:56 -04:00
Robert Bailey	4304b1d24a	Set the 'WWW-Authenticate' header on 401 responses when basic auth is enabled. This is required for basic auth to work with web browsers.	2015-04-28 11:00:05 -07:00
deads2k	00fc17e690	abac policy file parsing bug	2015-04-02 11:13:20 -04:00
Kris Rousey	6904c4d585	Fixing a lot of string formatting issues with regards to: * Improper format specifier (e.g. %s for bools or %s for ints) * More or less parameters than format specifiers * Not calling a formatting function when it should have (e.g. Error() instead of Errorf())	2015-03-31 16:47:10 -07:00
Brendan Burns	7c654a3d1b	Expand test coverage in master, kubectl/cmd/util, pkg/registry/resourcequota, and api/rest.	2015-03-07 15:24:39 -08:00
Jordan Liggitt	083ce268e0	Put user in context, map requests to context above resthandler layer	2015-02-12 20:58:04 -05:00
deads2k	8a2fe9bd2b	modify policy to correctly identify resource versus kind	2015-02-04 13:36:01 -05:00
Eric Tune	7648aa2a93	update ABAC example with right kubelet/proxy perms.	2015-01-30 11:05:27 -08:00
Jordan Liggitt	9d8d313113	Initial addition of groups to user/policy	2014-12-18 15:33:45 -05:00
Sam Ghods	6399854240	Remove unused YAML tags and GetYAML/SetYAML methods Unneeded after move to ghodss/yaml.	2014-12-02 16:25:28 -08:00
Jordan Liggitt	3532be3c82	Add basicauth and password authenticators	2014-11-24 17:52:10 -05:00
Jordan Liggitt	c895331277	Make master take authenticator.Request interface instead of tokenfile	2014-11-19 15:07:51 -05:00
Eric Tune	6e81e8c896	Basic ACL file. Added function to read basic ACL from a CSV file. Added implementation of Authorize based on that file's policies. Added docs on authentication and authorization. Added example file and tested it.	2014-11-05 16:06:22 -08:00
Eric Tune	1668c6f107	Authorization based on namespace, kind, readonly. Also, pass Authorizer into master.Config.	2014-11-03 17:45:15 -08:00
Eric Tune	3045035512	Get user from request and put in authz attribs. Added integration tests for user-based auth.	2014-11-03 16:38:56 -08:00
Eric Tune	55c2d6bbbb	Add basic Authorization. Added basic interface for authorizer implementations. Added default "authorize everything" and "authorize nothing implementations. Added authorization check immediately after authentication check. Added an integration test of authorization at the HTTP level of abstraction.	2014-10-31 12:04:33 -07:00
Eric Tune	800284164a	Fix format specifiers in Printf-type functions.	2014-10-09 17:06:32 -07:00
Clayton Coleman	c8ef4b8230	Add simple Bearer authenticator filter for Kube * Default file based implementation * Define some simple interfaces * Add -token_auth_file to apiserver that will start the apiserver with a request filter for tokens	2014-10-07 13:25:12 -04:00

29 Commits