Commit Graph

13 Commits (9a3fb3cb1f6156c1b889a2bbc1eb10d0dd6ff0fa)

Author SHA1 Message Date
Jordan Liggitt 92bd58ede6 ServiceAccount e2e/integration tests 2015-05-11 17:18:06 -04:00
Eric Paris 6b3a6e6b98 Make copyright ownership statement generic
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
2015-05-01 17:49:56 -04:00
deads2k 00fc17e690 abac policy file parsing bug 2015-04-02 11:13:20 -04:00
Kris Rousey 6904c4d585 Fixing a lot of string formatting issues with regards to:
* Improper format specifier (e.g. %s for bools or %s for ints)
  * More or less parameters than format specifiers
  * Not calling a formatting function when it should have (e.g. Error() instead of Errorf())
2015-03-31 16:47:10 -07:00
Brendan Burns 7c654a3d1b Expand test coverage in master, kubectl/cmd/util, pkg/registry/resourcequota, and api/rest. 2015-03-07 15:24:39 -08:00
deads2k 8a2fe9bd2b modify policy to correctly identify resource versus kind 2015-02-04 13:36:01 -05:00
Eric Tune 7648aa2a93 update ABAC example with right kubelet/proxy perms. 2015-01-30 11:05:27 -08:00
Jordan Liggitt 9d8d313113 Initial addition of groups to user/policy 2014-12-18 15:33:45 -05:00
Sam Ghods 6399854240 Remove unused YAML tags and GetYAML/SetYAML methods
Unneeded after move to ghodss/yaml.
2014-12-02 16:25:28 -08:00
Eric Tune 6e81e8c896 Basic ACL file.
Added function to read basic ACL from a CSV file.
Added implementation of Authorize based on that file's policies.
Added docs on authentication and authorization.
Added example file and tested it.
2014-11-05 16:06:22 -08:00
Eric Tune 1668c6f107 Authorization based on namespace, kind, readonly.
Also, pass Authorizer into master.Config.
2014-11-03 17:45:15 -08:00
Eric Tune 3045035512 Get user from request and put in authz attribs.
Added integration tests for user-based auth.
2014-11-03 16:38:56 -08:00
Eric Tune 55c2d6bbbb Add basic Authorization.
Added basic interface for authorizer implementations.
Added default "authorize everything" and "authorize nothing
implementations.
Added authorization check immediately after authentication check.
Added an integration test of authorization at the HTTP level of
abstraction.
2014-10-31 12:04:33 -07:00