Put loopback authn/authz first in chain

This commit is contained in:
Jordan Liggitt 2016-09-22 15:03:34 -04:00
parent b79c99da1b
commit 2ac293a0bd
No known key found for this signature in database
GPG Key ID: 24E7ADF9A3B42012
2 changed files with 4 additions and 4 deletions

View File

@ -279,10 +279,10 @@ func Run(s *options.APIServer) error {
}
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
}
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)

View File

@ -187,10 +187,10 @@ func Run(s *options.ServerRunOptions) error {
}
tokenAuthenticator := authenticator.NewAuthenticatorFromTokens(tokens)
apiAuthenticator = authenticatorunion.New(apiAuthenticator, tokenAuthenticator)
apiAuthenticator = authenticatorunion.New(tokenAuthenticator, apiAuthenticator)
tokenAuthorizer := authorizer.NewPrivilegedGroups("system:masters")
apiAuthorizer = authorizerunion.New(apiAuthorizer, tokenAuthorizer)
apiAuthorizer = authorizerunion.New(tokenAuthorizer, apiAuthorizer)
}
sharedInformers := informers.NewSharedInformerFactory(client, 10*time.Minute)