1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Commit graph

11 commits

Author SHA1 Message Date
Mary Anthony
e310d070f4 Creating Engine specific menu
Fixing the links
Updating with Seb's comments
Adding weight
Fixing the engine aliases
Updating after Arun pushed
Removing empty file

Signed-off-by: Mary Anthony <mary@docker.com>
2016-01-26 15:58:53 -08:00
Tibor Vass
5c630ea7c3 Rename authz to authorization for greater clarity
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-01-13 14:15:37 -05:00
Sebastiaan van Stijn
eaf7932faf Merge pull request #18769 from runcom/docs-auth-1
docs: extend: authorization.md: add a note about confidential stuff in Err
2015-12-19 14:53:25 +01:00
Antonio Murdaca
5a64c8027e authZ: more fixes
- fix naming and formatting
- provide more context when erroring auth
- do not capitalize errors
- fix wrong documentation
- remove ugly remoteError{}

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-18 16:29:01 +01:00
Antonio Murdaca
1e28f04fec docs: extend: authorization.md: add a note about confidential stuff in Err
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-18 11:28:28 +01:00
Antonio Murdaca
46e3a249a1 pkg: authorization: add Err to tweak response status code
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-17 11:08:47 +01:00
Liron Levin
de4ffdfe48 Change authz plugin argument name
Signed-off-by: Liron Levin <liron@twistlock.com>
2015-12-11 20:59:15 +02:00
Dima Stopel
b7af5bcd20 Fixing documentation comments by @thaJeztah
Signed-off-by: Dima Stopel <dima@twistlock.com>
2015-12-11 07:03:58 +02:00
Dima Stopel
8cc0892269 Fixing documentation according to comments by @moxiegirl and @thaJeztah
Signed-off-by: Dima Stopel <dima@twistlock.com>
2015-12-08 17:34:15 +02:00
Liron Levin
75c353f0ad Docker authorization plug-in infrastructure enables extending the functionality of the Docker daemon with respect to user authorization. The infrastructure enables registering a set of external authorization plug-in. Each plug-in receives information about the user and the request and decides whether to allow or deny the request. Only in case all plug-ins allow accessing the resource the access is granted.
Each plug-in operates as a separate service, and registers with Docker
through general (plug-ins API)
[https://blog.docker.com/2015/06/extending-docker-with-plugins/]. No
Docker daemon recompilation is required in order to add / remove an
authentication plug-in. Each plug-in is notified twice for each
operation: 1) before the operation is performed and, 2) before the
response is returned to the client. The plug-ins can modify the response
that is returned to the client.

The authorization depends on the authorization effort that takes place
in parallel [https://github.com/docker/docker/issues/13697].

This is the official issue of the authorization effort:
https://github.com/docker/docker/issues/14674

(Here)[https://github.com/rhatdan/docker-rbac] you can find an open
document that discusses a default RBAC plug-in for Docker.

Signed-off-by: Liron Levin <liron@twistlock.com>
Added container create flow test and extended the verification for ps
2015-12-08 17:34:15 +02:00
Dima Stopel
630f695fb1 Adding authorization subsystem documentation
Signed-off-by: Dima Stopel <dima@twistlock.com>
2015-12-08 17:32:17 +02:00