kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #112181 from xueqzhan/disable-anonymous 

Add DisableAnonymous to DelegatingAuthenticationOptions

Kubernetes-commit: 23790ec7fa8fd3c5b18edd85bc12ba4d76f50e1f
This commit is contained in:
Kubernetes Publisher 2022-09-06 10:28:03 -07:00
parent a4ec96bb5a 9d6934f8fa
commit 0a1e460ca0
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/server/options/authentication.go
View File

@ -202,6 +202,9 @@ type DelegatingAuthenticationOptions struct {
// CustomRoundTripperFn allows for specifying a middleware function for custom HTTP behaviour for the authentication webhook client. // CustomRoundTripperFn allows for specifying a middleware function for custom HTTP behaviour for the authentication webhook client.
CustomRoundTripperFn transport.WrapperFunc CustomRoundTripperFn transport.WrapperFunc
// DisableAnonymous gives user an option to disable Anonymous authentication.
DisableAnonymous bool
} }
func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions { func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions {
@ -283,7 +286,7 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(authenticationInfo *server.Aut
} }
cfg := authenticatorfactory.DelegatingAuthenticatorConfig{ cfg := authenticatorfactory.DelegatingAuthenticatorConfig{
Anonymous: true, Anonymous: !s.DisableAnonymous,
CacheTTL: s.CacheTTL, CacheTTL: s.CacheTTL,
WebhookRetryBackoff: s.WebhookRetryBackoff, WebhookRetryBackoff: s.WebhookRetryBackoff,
TokenAccessReviewTimeout: s.TokenRequestTimeout, TokenAccessReviewTimeout: s.TokenRequestTimeout,