From 0cf3d935eb91358cfa91051e25b379e60e2f2c3f Mon Sep 17 00:00:00 2001 From: Deb Adair Date: Mon, 26 Jun 2017 10:35:25 -0700 Subject: [PATCH] [DOCS] Fixed xrefs to X-Pack content. Original commit: elastic/x-pack-elasticsearch@c9ed85e910e1f691d58e7efdebd0e12649011123 --- docs/en/settings/security-settings.asciidoc | 50 ++++++++++----------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/docs/en/settings/security-settings.asciidoc b/docs/en/settings/security-settings.asciidoc index 4438eb1832b..c6ab70c659d 100644 --- a/docs/en/settings/security-settings.asciidoc +++ b/docs/en/settings/security-settings.asciidoc @@ -2,11 +2,11 @@ == Security Settings You configure `xpack.security` settings to -<> +<> and perform message authentication, <>, <>, -and {ref}/security-settings.html#ssl-tls-settings[encrypt communications with SSL]. +and <>. [float] [[general-security-settings]] @@ -20,14 +20,15 @@ Configure in both `elasticsearch.yml` and `kibana.yml`. === Default Password Security Settings `xpack.security.authc.accept_default_password`:: In `elasticsearch.yml`, set this to `false` to disable support for the default "changeme" password. -For more information, see <>. +For more information, see {xpack-ref}/setting-up-authentication.html#disabling-default-password[ +Disable Default Password Functionality]. [float] [[anonymous-access-settings]] === Anonymous Access Settings You can configure the following anonymous access settings in -`elasticsearch.yml`. For more information, see <>. +`elasticsearch.yml`. For more information, see {xpack-ref}/anonymous-access.html[ +Enabling Anonymous Access]. `xpack.security.authc.anonymous.username`:: The username (principal) of the anonymous user. Defaults to `_es_anonymous_user`. @@ -49,8 +50,8 @@ access. Defaults to `true`. You can set the following document and field level security settings in `elasticsearch.yml`. For more information, see -<>. +{xpack-ref}/field-and-document-access-control.html[Setting Up Document and Field +Level Security]. `xpack.security.dls_fls.enabled`:: Set to `false` to prevent document and field level security @@ -103,7 +104,7 @@ xpack.security.authc.realms: ---------------------------------------- The valid settings vary depending on the realm type. For more -information, see <>. +information, see {xpack-ref}/setting-up-authentication.html[Setting Up Authentication]. [float] ==== Settings Valid for All Realms @@ -134,8 +135,8 @@ Defaults to 100,000. `cache.hash_algo`:: (Expert Setting) The hashing algorithm that is used for the in-memory cached -user credentials. See the <> table f -or all possible values. Defaults to `ssha256`. +user credentials. See the {xpack-ref}/controlling-user-cache.html#controlling-user-cache[Cache hash algorithms] table for +all possible values. Defaults to `ssha256`. [[ref-ldap-settings]] [float] @@ -145,7 +146,7 @@ An LDAP URL in the format `ldap[s]://:`. Required. `load_balance.type`:: The behavior to use when there are multiple LDAP URLs defined. For supported -values see <>. +values see {xpack-ref}/ldap-realm.html#ldap-load-balancing[LDAP load balancing and failover types]. Defaults to `failover`. `load_balance.cache_ttl`:: @@ -167,7 +168,7 @@ The DN template that replaces the user name with the string `{0}`. This element is multivalued; you can specify multiple user contexts. Required to operate in user template mode. Not valid if `user_search.base_dn` is specified. For more information on -the different modes, see <>. +the different modes, see {xpack-ref}/ldap-realm.html[LDAP realms]. `user_group_attribute`:: Specifies the attribute to examine on the user for group membership. @@ -178,7 +179,7 @@ The default is `memberOf`. This setting will be ignored if any Specifies a container DN to search for users. Required to operated in user search mode. Not valid if `user_dn_templates is specified. For more information on -the different modes, see <>. +the different modes, see {xpack-ref}/ldap-realm.html[LDAP realms]. `user_search.scope`:: The scope of the user search. Valid values are `sub_tree`, `one_level` or @@ -244,8 +245,8 @@ LDAP groups that are not referenced in a role-mapping _file_ are used as role names and assigned to the user. Defaults to `false`. `files.role_mapping`:: -The <> for the <>. Defaults to +The {xpack-ref}/security-files.html[location] for the {xpack-ref}/mapping-roles.html#mapping-roles[ +YAML role mapping configuration file]. Defaults to `CONFIG_DIR/x-pack/role_mapping.yml`. `follow_referrals`:: @@ -328,7 +329,7 @@ Defaults to `100000`. `cache.hash_algo`:: (Expert Setting) Specifies the hashing algorithm that is used for the -in-memory cached user credentials (see <> +in-memory cached user credentials (see {xpack-ref}/controlling-user-cache.html#controlling-user-cache[Cache hash algorithms] table for all possible values). Defaults to `ssha256`. [[ref-ad-settings]] @@ -340,7 +341,7 @@ A URL in the format `ldap[s]://:`. Defaults to `ldap://>. +values see {xpack-ref}/active-directory-realm.html#ad-load-balancing[load balancing and failover types]. Defaults to `failover`. `load_balance.cache_ttl`:: @@ -359,8 +360,8 @@ LDAP groups that are not referenced in a role-mapping _file_ are used as role names and assigned to the user. Defaults to `false`. `files.role_mapping`:: -The <> for the <>. Defaults to `CONFIG_DIR/x-pack/role_mapping.yml`. +The {xpack-ref}/security-files.html[location] for the YAML +role mapping configuration file. Defaults to `CONFIG_DIR/x-pack/role_mapping.yml`. `user_search.base_dn`:: The context to search for a user. Defaults to the root @@ -480,8 +481,7 @@ Defaults to `100000`. `cache.hash_algo`:: (Expert Setting) Specifies the hashing algorithm that will be used for -the in-memory cached user credentials (see <> table for all possible values). Defaults to `ssha256`. +the in-memory cached user credentials (see {xpack-ref}/controlling-user-cache.html#controlling-user-cache[Cache hash algorithms] table for all possible values). Defaults to `ssha256`. [[ref-pki-settings]] [float] @@ -508,8 +508,8 @@ The password for the truststore. Must be provided if `truststore.path` is set. Algorithm for the trustsore. Defaults to `SunX509`. `files.role_mapping`:: -Specifies the <> for the -<>. +Specifies the {xpack-ref}/security-files.html[location] of the +{xpack-ref}/mapping-roles.html[YAML role mapping configuration file]. Defaults to `CONFIG_DIR/x-pack/role_mapping.yml`. [float] @@ -517,7 +517,7 @@ Defaults to `CONFIG_DIR/x-pack/role_mapping.yml`. === Default TLS/SSL Settings You can configure the following TLS/SSL settings in `elasticsearch.yml`. For more information, see -<>. These settings will be used +{xpack-ref}/encrypting-communications.html[Encrypting Communications]. These settings will be used for all of {xpack} unless they have been overridden by more specific settings such as those for HTTP or Transport. @@ -630,7 +630,7 @@ setting, this would be `transport.profiles.$PROFILE.xpack.security.ssl.enabled`. [float] [[ip-filtering-settings]] === IP Filtering Settings -You can configure the following settings for <>. +You can configure the following settings for {xpack-ref}/ip-filtering.html[IP filtering]. `xpack.security.transport.filter.allow`:: List of IP addresses to allow.