mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Put loopback authn/authz first in chain
This commit is contained in:
parent
b79c99da1b
commit
2ac293a0bd
@ -279,10 +279,10 @@ func Run(s *options.APIServer) error {
|
||||
}
|
||||
|
||||
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
|
||||
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
|
||||
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
|
||||
|
||||
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
|
||||
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
|
||||
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
|
||||
}
|
||||
|
||||
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)
|
||||
|
@ -187,10 +187,10 @@ func Run(s *options.ServerRunOptions) error {
|
||||
}
|
||||
|
||||
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
|
||||
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
|
||||
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
|
||||
|
||||
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
|
||||
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
|
||||
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
|
||||
}
|
||||
|
||||
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)
|
||||
|
Loading…
Reference in New Issue
Block a user