mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Merge pull request #112181 from xueqzhan/disable-anonymous
Add DisableAnonymous to DelegatingAuthenticationOptions
This commit is contained in:
commit
23790ec7fa
@ -202,6 +202,9 @@ type DelegatingAuthenticationOptions struct {
|
|||||||
|
|
||||||
// CustomRoundTripperFn allows for specifying a middleware function for custom HTTP behaviour for the authentication webhook client.
|
// CustomRoundTripperFn allows for specifying a middleware function for custom HTTP behaviour for the authentication webhook client.
|
||||||
CustomRoundTripperFn transport.WrapperFunc
|
CustomRoundTripperFn transport.WrapperFunc
|
||||||
|
|
||||||
|
// DisableAnonymous gives user an option to disable Anonymous authentication.
|
||||||
|
DisableAnonymous bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions {
|
func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions {
|
||||||
@ -283,7 +286,7 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(authenticationInfo *server.Aut
|
|||||||
}
|
}
|
||||||
|
|
||||||
cfg := authenticatorfactory.DelegatingAuthenticatorConfig{
|
cfg := authenticatorfactory.DelegatingAuthenticatorConfig{
|
||||||
Anonymous: true,
|
Anonymous: !s.DisableAnonymous,
|
||||||
CacheTTL: s.CacheTTL,
|
CacheTTL: s.CacheTTL,
|
||||||
WebhookRetryBackoff: s.WebhookRetryBackoff,
|
WebhookRetryBackoff: s.WebhookRetryBackoff,
|
||||||
TokenAccessReviewTimeout: s.TokenRequestTimeout,
|
TokenAccessReviewTimeout: s.TokenRequestTimeout,
|
||||||
|
Loading…
Reference in New Issue
Block a user