Kubernetes WAF Version 1.11.0
This version includes the following new capabilities:
JWT Support
JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. The most common scenario for using JWT is for authorization.
Once the user is logged in, each subsequent request will include the JWT allowing the user to access routes, services, and resources that are permitted with that token.
To operate with the “JWT Protection”, the KWAF enforcer:
Locates the JWT token in the request.Validate its structure.Validate the timeslot to use the token (“not before” and “expiration” claims).Validated its signature. The validation key is fetched to verify the signature of the JWT and the algorithm.Configurable Parser Based on the HTTP Content-Type Headers
KWAF uses multiple parsers to process security inspection. A specific parser is automatically used depending on the HTTP content-type of the request.
In this version, we added support to manually configure the parser based on the home-made customer HTTP Content-type.
This feature can also be used to block a request based on a specific HTTP Content-type.
Partial Request Support
In a large-scale deployment, KWAF can be configured to receive a partial request.
In such a case, in the Decoding Behavior, you can specify how KWAF handles the request:
Security Event: The partial request will not be inspected; a Security Event will be reported.Inspect: The partial request will be inspected, and the RFC violation will be ignored (if relevant).Ignore: The partial request will be inspected with a partial value (if it exists).