security

package
v0.15.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 22, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Credentials

type Credentials struct {
	Username       string `yaml:",omitempty"`
	Password       string `yaml:",omitempty"`
	Token          string `yaml:",omitempty"`
	AllowAnonymous bool   `yaml:"allow_anonymous,omitempty"`
}

Credentials provides information when needing to authenticate to remote endpoints. Credentials are either a username/password or a bearer token, but not both.

func (*Credentials) GetHTTPAuthHeader

func (c *Credentials) GetHTTPAuthHeader() (headerName string, headerValue string, err error)

GetHTTPAuthHeader provides the authentication ehader name and value (can be empty), or an error

func (*Credentials) ValidateCredentials

func (c *Credentials) ValidateCredentials() error

ValidateCredentials makes sure that if username is provided, so is password (and vice versa) and also makes sure if username/password is provided that token is not (and vice versa). It is valid to have nothing defined (no username, password, nor token), but if nothing is defined and the "AllowAnonymous" flag is false, this usually means the person who installed Kiali most likely forgot to set credentials - therefore access should always be denied. If nothing is defined and the "AllowAnonymous" flag is true, this means anonymous access is specifically allowed. If the "AllowAnonymous" flag is true but non-empty credentials are defined, an error results.

type Identity

type Identity struct {
	CertFile       string `yaml:"cert_file"`
	PrivateKeyFile string `yaml:"private_key_file"`
}

Identity security details about a client.

type TLS

type TLS struct {
	SkipCertificateValidation bool `yaml:"skip_certificate_validation,omitempty"`
}

TLS options - SkipCertificateValidation will disable server certificate verification - the client will accept any certificate presented by the server and any host name in that certificate.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL