-
Notifications
You must be signed in to change notification settings - Fork 395
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose username and group from the appropriate headers #110
Comments
To date, we put all the custom logic here => |
All of this stuff is done automatically for you if you wire your server correctly, for example
|
Use this code as an example for wiring up an aggregated API server correctly. |
Hi @enj thank you very much for your quick response! What we would like to do is to access the
Since this Taking as reference the sample-apiserver, exists a way to access to the All the best, |
@lucasepe I am not sure that I would recommend that you change the resource based on the user, but you can do that via:
|
Thank you very much @enj ! It works! All the best, |
/close |
@enj: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Hi everyone! We're implementing an aggregation layer leveraging the apiserver package. In our use case we need to retrieve the headers in order to understand who's the user making the request.
We were looking at the documentation: https://kubernetes.io/docs/tasks/extend-kubernetes/configure-aggregation-layer/#extension-apiserver-authenticates-the-request - in particular the following paragraph:
Check that the TLS connection was authenticated using a client certificate which:
But it seems that the apiserver package is not exposing these headers. Could anyone help me pointing out if there's a way to retrieve these headers after the authn/authz phases?
Thanks for any help!
The text was updated successfully, but these errors were encountered: