github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-15 14:14:39 +00:00
Code Issues Projects Releases Wiki Activity

Put loopback authn/authz first in chain

Browse Source
This commit is contained in:
Jordan Liggitt
2016-09-22 15:03:34 -04:00
parent b79c99da1b
commit 2ac293a0bd
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/kube-apiserver/app/server.go
View File

@@ -279,10 +279,10 @@ func Run(s *options.APIServer) error {
}
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
}
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)

4
federation/cmd/federation-apiserver/app/server.go
View File

@@ -187,10 +187,10 @@ func Run(s *options.ServerRunOptions) error {
}
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
}
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)