diff --git a/elasticsearch/qa/shield-audit-tests/build.gradle b/elasticsearch/qa/shield-audit-tests/build.gradle index 749613c9cc4..7b0c0cbe825 100644 --- a/elasticsearch/qa/shield-audit-tests/build.gradle +++ b/elasticsearch/qa/shield-audit-tests/build.gradle @@ -10,7 +10,7 @@ integTest { setting 'shield.audit.enabled', 'true' setting 'shield.audit.outputs', 'index' setupCommand 'setupDummyUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/qa/shield-client-tests/build.gradle b/elasticsearch/qa/shield-client-tests/build.gradle index a60fb47b4eb..75199ff7eeb 100644 --- a/elasticsearch/qa/shield-client-tests/build.gradle +++ b/elasticsearch/qa/shield-client-tests/build.gradle @@ -8,9 +8,9 @@ integTest { cluster { plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack') setupCommand 'setupDummyUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' setupCommand 'setupTransportClientUser', - 'bin/xpack/esusers', 'useradd', 'transport', '-p', 'changeme', '-r', 'transport_client' + 'bin/xpack/users', 'useradd', 'transport', '-p', 'changeme', '-r', 'transport_client' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/qa/shield-core-rest-tests/build.gradle b/elasticsearch/qa/shield-core-rest-tests/build.gradle index d8580fcac10..e8b38558d15 100644 --- a/elasticsearch/qa/shield-core-rest-tests/build.gradle +++ b/elasticsearch/qa/shield-core-rest-tests/build.gradle @@ -37,7 +37,7 @@ integTest { setting 'xpack.watcher.enabled', 'false' setting 'xpack.monitoring.enabled', 'false' setupCommand 'setupDummyUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/qa/shield-example-realm/build.gradle b/elasticsearch/qa/shield-example-realm/build.gradle index 924133c3baf..20b8dd2c37b 100644 --- a/elasticsearch/qa/shield-example-realm/build.gradle +++ b/elasticsearch/qa/shield-example-realm/build.gradle @@ -39,10 +39,10 @@ task integTest(type: org.elasticsearch.gradle.test.RestIntegTestTask, dependsOn: setting 'shield.authc.realms.custom.order', '0' setting 'shield.authc.realms.custom.type', 'custom' setting 'shield.authc.realms.esusers.order', '1' - setting 'shield.authc.realms.esusers.type', 'esusers' + setting 'shield.authc.realms.esusers.type', 'file' setupCommand 'setupDummyUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' setupCommand 'installExtension', 'bin/xpack/extension', 'install', 'file:' + buildZip.archivePath waitCondition = { node, ant -> diff --git a/elasticsearch/qa/shield-reindex-tests/build.gradle b/elasticsearch/qa/shield-reindex-tests/build.gradle index 6bfd5017390..735090a7c36 100644 --- a/elasticsearch/qa/shield-reindex-tests/build.gradle +++ b/elasticsearch/qa/shield-reindex-tests/build.gradle @@ -19,7 +19,7 @@ integTest { can_not_see_hidden_fields_user: 'can_not_see_hidden_fields', ].each { String user, String role -> setupCommand 'setupUser#' + user, - 'bin/xpack/esusers', 'useradd', user, '-p', 'changeme', '-r', role + 'bin/xpack/users', 'useradd', user, '-p', 'changeme', '-r', role } waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') diff --git a/elasticsearch/qa/smoke-test-graph-with-shield/build.gradle b/elasticsearch/qa/smoke-test-graph-with-shield/build.gradle index 59b1d61e454..5c3cb6551d0 100644 --- a/elasticsearch/qa/smoke-test-graph-with-shield/build.gradle +++ b/elasticsearch/qa/smoke-test-graph-with-shield/build.gradle @@ -18,11 +18,11 @@ integTest { plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack') extraConfigFile 'xpack/roles.yml', 'roles.yml' setupCommand 'setupTestAdminUser', - 'bin/xpack/esusers', 'useradd', 'test_admin', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_admin', '-p', 'changeme', '-r', 'admin' setupCommand 'setupGraphExplorerUser', - 'bin/xpack/esusers', 'useradd', 'graph_explorer', '-p', 'changeme', '-r', 'graph_explorer' + 'bin/xpack/users', 'useradd', 'graph_explorer', '-p', 'changeme', '-r', 'graph_explorer' setupCommand 'setupPowerlessUser', - 'bin/xpack/esusers', 'useradd', 'no_graph_explorer', '-p', 'changeme', '-r', 'no_graph_explorer' + 'bin/xpack/users', 'useradd', 'no_graph_explorer', '-p', 'changeme', '-r', 'no_graph_explorer' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/qa/smoke-test-plugins-ssl/build.gradle b/elasticsearch/qa/smoke-test-plugins-ssl/build.gradle index 8de1ff62414..a3fc29f702e 100644 --- a/elasticsearch/qa/smoke-test-plugins-ssl/build.gradle +++ b/elasticsearch/qa/smoke-test-plugins-ssl/build.gradle @@ -165,9 +165,9 @@ integTest { extraConfigFile clientKeyStore.name, clientKeyStore setupCommand 'setupTestUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' setupCommand 'setupMarvelUser', - 'bin/xpack/esusers', 'useradd', 'monitoring_agent', '-p', 'changeme', '-r', 'remote_monitoring_agent' + 'bin/xpack/users', 'useradd', 'monitoring_agent', '-p', 'changeme', '-r', 'remote_monitoring_agent' waitCondition = { node, ant -> // HTTPS check is tricky to do, so we wait for the log file to indicate that the node is started diff --git a/elasticsearch/qa/smoke-test-plugins/build.gradle b/elasticsearch/qa/smoke-test-plugins/build.gradle index 2a7fb4e1fd4..b62b0c6b798 100644 --- a/elasticsearch/qa/smoke-test-plugins/build.gradle +++ b/elasticsearch/qa/smoke-test-plugins/build.gradle @@ -18,7 +18,7 @@ integTest { plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack') setupCommand 'setupDummyUser', - 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/qa/smoke-test-watcher-with-shield/build.gradle b/elasticsearch/qa/smoke-test-watcher-with-shield/build.gradle index 580aa48980f..12b40d0914f 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-shield/build.gradle +++ b/elasticsearch/qa/smoke-test-watcher-with-shield/build.gradle @@ -22,11 +22,11 @@ integTest { plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack') extraConfigFile 'xpack/roles.yml', 'roles.yml' setupCommand 'setupTestAdminUser', - 'bin/xpack/esusers', 'useradd', 'test_admin', '-p', 'changeme', '-r', 'admin' + 'bin/xpack/users', 'useradd', 'test_admin', '-p', 'changeme', '-r', 'admin' setupCommand 'setupWatcherManagerUser', - 'bin/xpack/esusers', 'useradd', 'watcher_manager', '-p', 'changeme', '-r', 'watcher_manager' + 'bin/xpack/users', 'useradd', 'watcher_manager', '-p', 'changeme', '-r', 'watcher_manager' setupCommand 'setupPowerlessUser', - 'bin/xpack/esusers', 'useradd', 'powerless_user', '-p', 'changeme', '-r', 'crappy_role' + 'bin/xpack/users', 'useradd', 'powerless_user', '-p', 'changeme', '-r', 'crappy_role' waitCondition = { node, ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/x-pack/build.gradle b/elasticsearch/x-pack/build.gradle index c2584564d5b..e71e06fe075 100644 --- a/elasticsearch/x-pack/build.gradle +++ b/elasticsearch/x-pack/build.gradle @@ -130,7 +130,7 @@ integTest { // TODO: fix this rest test to not depend on a hardcoded port! systemProperty 'tests.rest.blacklist', 'getting_started/10_monitor_cluster_health/*' cluster { - setupCommand 'setupDummyUser', 'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + setupCommand 'setupDummyUser', 'bin/xpack/users', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' waitCondition = { NodeInfo node, AntBuilder ant -> File tmpFile = new File(node.cwd, 'wait.success') ant.get(src: "http://${node.httpUri()}", diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/test/MarvelIntegTestCase.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/test/MarvelIntegTestCase.java index a2c9daae982..b6a3f76250a 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/test/MarvelIntegTestCase.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/test/MarvelIntegTestCase.java @@ -25,7 +25,7 @@ import org.elasticsearch.marvel.agent.exporter.MonitoringDoc; import org.elasticsearch.marvel.agent.resolver.MonitoringIndexNameResolver; import org.elasticsearch.marvel.client.MonitoringClient; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.crypto.InternalCryptoService; @@ -512,10 +512,10 @@ public abstract class MarvelIntegTestCase extends ESIntegTestCase { Files.createDirectories(folder); builder.put("shield.enabled", true) - .put("shield.authc.realms.esusers.type", ESUsersRealm.TYPE) - .put("shield.authc.realms.esusers.order", 0) - .put("shield.authc.realms.esusers.files.users", writeFile(folder, "users", USERS)) - .put("shield.authc.realms.esusers.files.users_roles", writeFile(folder, "users_roles", USER_ROLES)) + .put("shield.authc.realms.file.type", FileRealm.TYPE) + .put("shield.authc.realms.file.order", 0) + .put("shield.authc.realms.file.files.users", writeFile(folder, "users", USERS)) + .put("shield.authc.realms.file.files.users_roles", writeFile(folder, "users_roles", USER_ROLES)) .put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", ROLES)) .put("shield.system_key.file", writeFile(folder, "system_key.yml", systemKey)) .put("shield.authc.sign_user_header", false) diff --git a/elasticsearch/x-pack/shield/bin/xpack/esusers b/elasticsearch/x-pack/shield/bin/xpack/users similarity index 95% rename from elasticsearch/x-pack/shield/bin/xpack/esusers rename to elasticsearch/x-pack/shield/bin/xpack/users index c338ce7977e..fda25e854ee 100755 --- a/elasticsearch/x-pack/shield/bin/xpack/esusers +++ b/elasticsearch/x-pack/shield/bin/xpack/users @@ -95,7 +95,7 @@ if [ -e "$CONF_DIR" ]; then *-Des.default.path.conf=*) ;; *) if [ ! -d "$CONF_DIR/xpack" ]; then - echo "ERROR: The configuration directory [$CONF_DIR/xpack] does not exist. The esusers tool expects security configuration files in that location." + echo "ERROR: The configuration directory [$CONF_DIR/xpack] does not exist. The users tool expects security configuration files in that location." echo "The plugin may not have been installed with the correct configuration path. If [$ES_HOME/config/xpack] exists, please copy the 'xpack' directory to [$CONF_DIR]" exit 1 fi @@ -126,7 +126,7 @@ if [ "x$JAVA_TOOL_OPTIONS" != "x" ]; then fi cd "$ES_HOME" > /dev/null -"$JAVA" $ES_JAVA_OPTS -cp "$ES_CLASSPATH" -Des.path.home="$ES_HOME" $properties org.elasticsearch.shield.authc.esusers.tool.ESUsersTool "$@" +"$JAVA" $ES_JAVA_OPTS -cp "$ES_CLASSPATH" -Des.path.home="$ES_HOME" $properties org.elasticsearch.shield.authc.file.tool.UsersTool "$@" status=$? cd - > /dev/null exit $status diff --git a/elasticsearch/x-pack/shield/bin/xpack/esusers.bat b/elasticsearch/x-pack/shield/bin/xpack/users.bat similarity index 77% rename from elasticsearch/x-pack/shield/bin/xpack/esusers.bat rename to elasticsearch/x-pack/shield/bin/xpack/users.bat index 738f6b8b488..5a9d3d6f39c 100644 --- a/elasticsearch/x-pack/shield/bin/xpack/esusers.bat +++ b/elasticsearch/x-pack/shield/bin/xpack/users.bat @@ -5,5 +5,5 @@ rem or more contributor license agreements. Licensed under the Elastic License; rem you may not use this file except in compliance with the Elastic License. PUSHD "%~dp0" -CALL "%~dp0.in.bat" org.elasticsearch.shield.authc.esusers.tool.ESUsersTool %* +CALL "%~dp0.in.bat" org.elasticsearch.shield.authc.file.tool.UsersTool %* POPD \ No newline at end of file diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldLifecycleService.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldLifecycleService.java index cc34a2a0c4b..d8c4a5b75b0 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldLifecycleService.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldLifecycleService.java @@ -16,8 +16,8 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.AbstractRunnable; import org.elasticsearch.shield.audit.AuditTrailModule; import org.elasticsearch.shield.audit.index.IndexAuditTrail; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authc.esnative.NativeUsersStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.threadpool.ThreadPool; /** @@ -36,24 +36,24 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster private final Settings settings; private final ThreadPool threadPool; private final IndexAuditTrail indexAuditTrail; - private final ESNativeUsersStore esUserStore; - private final ESNativeRolesStore esRolesStore; + private final NativeUsersStore nativeUserStore; + private final NativeRolesStore nativeRolesStore; @Inject public ShieldLifecycleService(Settings settings, ClusterService clusterService, ThreadPool threadPool, - IndexAuditTrail indexAuditTrail, ESNativeUsersStore esUserStore, - ESNativeRolesStore esRolesStore, Provider clientProvider) { + IndexAuditTrail indexAuditTrail, NativeUsersStore nativeUserStore, + NativeRolesStore nativeRolesStore, Provider clientProvider) { super(settings); this.settings = settings; this.threadPool = threadPool; this.indexAuditTrail = indexAuditTrail; - this.esUserStore = esUserStore; - this.esRolesStore = esRolesStore; - // TODO: define a common interface for these and delegate from one place. esUserStore store is it's on cluster + this.nativeUserStore = nativeUserStore; + this.nativeRolesStore = nativeRolesStore; + // TODO: define a common interface for these and delegate from one place. nativeUserStore store is it's on cluster // state listener , but is also activated from this clusterChanged method clusterService.add(this); - clusterService.add(esUserStore); - clusterService.add(esRolesStore); + clusterService.add(nativeUserStore); + clusterService.add(nativeRolesStore); clusterService.add(new ShieldTemplateService(settings, clusterService, clientProvider, threadPool)); clusterService.addLifecycleListener(new LifecycleListener() { @@ -73,7 +73,7 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster public void clusterChanged(ClusterChangedEvent event) { final boolean master = event.localNodeMaster(); try { - if (esUserStore.canStart(event.state(), master)) { + if (nativeUserStore.canStart(event.state(), master)) { threadPool.generic().execute(new AbstractRunnable() { @Override public void onFailure(Throwable throwable) { @@ -83,7 +83,7 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster @Override public void doRun() { - esUserStore.start(); + nativeUserStore.start(); } }); } @@ -92,7 +92,7 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster } try { - if (esRolesStore.canStart(event.state(), master)) { + if (nativeRolesStore.canStart(event.state(), master)) { threadPool.generic().execute(new AbstractRunnable() { @Override public void onFailure(Throwable throwable) { @@ -102,7 +102,7 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster @Override public void doRun() { - esRolesStore.start(); + nativeRolesStore.start(); } }); } @@ -137,12 +137,12 @@ public class ShieldLifecycleService extends AbstractComponent implements Cluster public void stop() { try { - esUserStore.stop(); + nativeUserStore.stop(); } catch (Exception e) { logger.error("failed to stop native user module", e); } try { - esRolesStore.stop(); + nativeRolesStore.stop(); } catch (Exception e) { logger.error("failed to stop native roles module", e); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportClearRolesCacheAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportClearRolesCacheAction.java index 017b6b0a0e1..baca1f79a97 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportClearRolesCacheAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportClearRolesCacheAction.java @@ -12,7 +12,7 @@ import org.elasticsearch.cluster.service.ClusterService; import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; @@ -26,12 +26,12 @@ import java.util.concurrent.atomic.AtomicReferenceArray; public class TransportClearRolesCacheAction extends TransportNodesAction { - private final ESNativeRolesStore rolesStore; + private final NativeRolesStore rolesStore; @Inject public TransportClearRolesCacheAction(Settings settings, ClusterName clusterName, ThreadPool threadPool, ClusterService clusterService, TransportService transportService, ActionFilters actionFilters, - ESNativeRolesStore rolesStore, IndexNameExpressionResolver indexNameExpressionResolver) { + NativeRolesStore rolesStore, IndexNameExpressionResolver indexNameExpressionResolver) { super(settings, ClearRolesCacheAction.NAME, clusterName, threadPool, clusterService, transportService, actionFilters, indexNameExpressionResolver, ClearRolesCacheRequest::new, ClearRolesCacheRequest.Node::new, ThreadPool.Names.MANAGEMENT); diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportDeleteRoleAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportDeleteRoleAction.java index 1368ccce33a..f816055d334 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportDeleteRoleAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportDeleteRoleAction.java @@ -11,17 +11,17 @@ import org.elasticsearch.action.support.HandledTransportAction; import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; public class TransportDeleteRoleAction extends HandledTransportAction { - private final ESNativeRolesStore rolesStore; + private final NativeRolesStore rolesStore; @Inject public TransportDeleteRoleAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, - IndexNameExpressionResolver indexNameExpressionResolver, ESNativeRolesStore rolesStore, + IndexNameExpressionResolver indexNameExpressionResolver, NativeRolesStore rolesStore, TransportService transportService) { super(settings, DeleteRoleAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, DeleteRoleRequest::new); diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportGetRolesAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportGetRolesAction.java index 4f2abde5692..74882a5114b 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportGetRolesAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportGetRolesAction.java @@ -13,7 +13,7 @@ import org.elasticsearch.common.Strings; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authz.RoleDescriptor; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; @@ -21,12 +21,12 @@ import java.util.List; public class TransportGetRolesAction extends HandledTransportAction { - private final ESNativeRolesStore rolesStore; + private final NativeRolesStore rolesStore; @Inject public TransportGetRolesAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, IndexNameExpressionResolver indexNameExpressionResolver, - ESNativeRolesStore rolesStore, TransportService transportService) { + NativeRolesStore rolesStore, TransportService transportService) { super(settings, GetRolesAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, GetRolesRequest::new); this.rolesStore = rolesStore; diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportPutRoleAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportPutRoleAction.java index a34f9282a75..ca3e96ccef0 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportPutRoleAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/role/TransportPutRoleAction.java @@ -11,18 +11,18 @@ import org.elasticsearch.action.support.HandledTransportAction; import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; public class TransportPutRoleAction extends HandledTransportAction { - private final ESNativeRolesStore rolesStore; + private final NativeRolesStore rolesStore; @Inject public TransportPutRoleAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, IndexNameExpressionResolver indexNameExpressionResolver, - ESNativeRolesStore rolesStore, TransportService transportService) { + NativeRolesStore rolesStore, TransportService transportService) { super(settings, PutRoleAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, PutRoleRequest::new); this.rolesStore = rolesStore; } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/PutUserRequestBuilder.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/PutUserRequestBuilder.java index d3d2fc74320..38690a6b242 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/PutUserRequestBuilder.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/PutUserRequestBuilder.java @@ -49,7 +49,7 @@ public class PutUserRequestBuilder extends ActionRequestBuilder { - private final ESNativeUsersStore usersStore; + private final NativeUsersStore usersStore; @Inject public TransportDeleteUserAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, - IndexNameExpressionResolver indexNameExpressionResolver, ESNativeUsersStore usersStore, + IndexNameExpressionResolver indexNameExpressionResolver, NativeUsersStore usersStore, TransportService transportService) { super(settings, DeleteUserAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, DeleteUserRequest::new); diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportGetUsersAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportGetUsersAction.java index 0ea17927d61..8ac7a1adb0f 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportGetUsersAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportGetUsersAction.java @@ -13,7 +13,7 @@ import org.elasticsearch.common.Strings; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.User; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; +import org.elasticsearch.shield.authc.esnative.NativeUsersStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; @@ -21,11 +21,11 @@ import java.util.List; public class TransportGetUsersAction extends HandledTransportAction { - private final ESNativeUsersStore usersStore; + private final NativeUsersStore usersStore; @Inject public TransportGetUsersAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, - IndexNameExpressionResolver indexNameExpressionResolver, ESNativeUsersStore usersStore, + IndexNameExpressionResolver indexNameExpressionResolver, NativeUsersStore usersStore, TransportService transportService) { super(settings, GetUsersAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, GetUsersRequest::new); diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportPutUserAction.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportPutUserAction.java index 5b54c3c240d..254fbd3da9a 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportPutUserAction.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/action/user/TransportPutUserAction.java @@ -11,18 +11,18 @@ import org.elasticsearch.action.support.HandledTransportAction; import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; +import org.elasticsearch.shield.authc.esnative.NativeUsersStore; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.transport.TransportService; public class TransportPutUserAction extends HandledTransportAction { - private final ESNativeUsersStore usersStore; + private final NativeUsersStore usersStore; @Inject public TransportPutUserAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters, IndexNameExpressionResolver indexNameExpressionResolver, - ESNativeUsersStore usersStore, TransportService transportService) { + NativeUsersStore usersStore, TransportService transportService) { super(settings, PutUserAction.NAME, threadPool, transportService, actionFilters, indexNameExpressionResolver, PutUserRequest::new); this.usersStore = usersStore; } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/AuthenticationModule.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/AuthenticationModule.java index 8e8daf0713b..144f9f83c7c 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/AuthenticationModule.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/AuthenticationModule.java @@ -8,8 +8,8 @@ package org.elasticsearch.shield.authc; import org.elasticsearch.common.inject.multibindings.MapBinder; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.activedirectory.ActiveDirectoryRealm; -import org.elasticsearch.shield.authc.esnative.ESNativeRealm; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.esnative.NativeRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.authc.ldap.LdapRealm; import org.elasticsearch.shield.authc.pki.PkiRealm; import org.elasticsearch.shield.support.AbstractShieldModule; @@ -25,11 +25,11 @@ import java.util.Map.Entry; */ public class AuthenticationModule extends AbstractShieldModule.Node { - static final List INTERNAL_REALM_TYPES = Arrays.asList(ESUsersRealm.TYPE, ActiveDirectoryRealm.TYPE, LdapRealm.TYPE, - PkiRealm.TYPE); + static final List INTERNAL_REALM_TYPES = + Arrays.asList(NativeRealm.TYPE, FileRealm.TYPE, ActiveDirectoryRealm.TYPE, LdapRealm.TYPE, PkiRealm.TYPE); - private final Map>>> customRealms = new - HashMap<>(); + private final Map>>> customRealms = + new HashMap<>(); private Class authcFailureHandler = null; @@ -40,8 +40,8 @@ public class AuthenticationModule extends AbstractShieldModule.Node { @Override protected void configureNode() { MapBinder mapBinder = MapBinder.newMapBinder(binder(), String.class, Realm.Factory.class); - mapBinder.addBinding(ESUsersRealm.TYPE).to(ESUsersRealm.Factory.class).asEagerSingleton(); - mapBinder.addBinding(ESNativeRealm.TYPE).to(ESNativeRealm.Factory.class).asEagerSingleton(); + mapBinder.addBinding(FileRealm.TYPE).to(FileRealm.Factory.class).asEagerSingleton(); + mapBinder.addBinding(NativeRealm.TYPE).to(NativeRealm.Factory.class).asEagerSingleton(); mapBinder.addBinding(ActiveDirectoryRealm.TYPE).to(ActiveDirectoryRealm.Factory.class).asEagerSingleton(); mapBinder.addBinding(LdapRealm.TYPE).to(LdapRealm.Factory.class).asEagerSingleton(); mapBinder.addBinding(PkiRealm.TYPE).to(PkiRealm.Factory.class).asEagerSingleton(); diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/Realms.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/Realms.java index 1508fbdb6e0..39905e0ccbf 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/Realms.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/Realms.java @@ -10,8 +10,8 @@ import org.elasticsearch.common.component.AbstractLifecycleComponent; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.env.Environment; -import org.elasticsearch.shield.authc.esnative.ESNativeRealm; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.esnative.NativeRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.license.ShieldLicenseState; import java.util.ArrayList; @@ -135,11 +135,11 @@ public class Realms extends AbstractLifecycleComponent implements Iterab } /** - * returns the settings for the internal realm of the given type. Typically, internal realms may or may - * not be configured. If they are not configured, they work OOTB using default settings. If they are - * configured, there can only be one configured for an internal realm. + * returns the settings for the {@link FileRealm}. Typically, this realms may or may + * not be configured. If it is not configured, it will work OOTB using default settings. If it is + * configured, there can only be one configured instance. */ - public static Settings internalRealmSettings(Settings settings, String realmType) { + public static Settings fileRealmSettings(Settings settings) { Settings realmsSettings = settings.getAsSettings("shield.authc.realms"); Settings result = null; for (String name : realmsSettings.names()) { @@ -148,10 +148,10 @@ public class Realms extends AbstractLifecycleComponent implements Iterab if (type == null) { throw new IllegalArgumentException("missing realm type for [" + name + "] realm"); } - if (type.equals(realmType)) { + if (FileRealm.TYPE.equals(type)) { if (result != null) { - throw new IllegalArgumentException("multiple [" + realmType + "] realms are configured. only one [" + realmType + - "] may be configured"); + throw new IllegalArgumentException("multiple [" + FileRealm.TYPE + + "]realms are configured. only one may be configured"); } result = realmSettings; } @@ -160,13 +160,13 @@ public class Realms extends AbstractLifecycleComponent implements Iterab } private void addInternalRealms(List realms) { - Realm.Factory indexRealmFactory = factories.get(ESNativeRealm.TYPE); + Realm.Factory indexRealmFactory = factories.get(NativeRealm.TYPE); if (indexRealmFactory != null) { - realms.add(indexRealmFactory.createDefault("default_" + ESNativeRealm.TYPE)); + realms.add(indexRealmFactory.createDefault("default_" + NativeRealm.TYPE)); } - Realm.Factory esUsersRealm = factories.get(ESUsersRealm.TYPE); + Realm.Factory esUsersRealm = factories.get(FileRealm.TYPE); if (esUsersRealm != null) { - realms.add(esUsersRealm.createDefault("default_" + ESUsersRealm.TYPE)); + realms.add(esUsersRealm.createDefault("default_" + FileRealm.TYPE)); } } } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeRealm.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeRealm.java similarity index 73% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeRealm.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeRealm.java index d9b276de120..ba5277380d7 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeRealm.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeRealm.java @@ -19,13 +19,13 @@ import java.util.List; /** * User/password realm that is backed by an Elasticsearch index */ -public class ESNativeRealm extends CachingUsernamePasswordRealm { +public class NativeRealm extends CachingUsernamePasswordRealm { - public static final String TYPE = "esnative"; + public static final String TYPE = "native"; - final ESNativeUsersStore userStore; + final NativeUsersStore userStore; - public ESNativeRealm(RealmConfig config, ESNativeUsersStore usersStore) { + public NativeRealm(RealmConfig config, NativeUsersStore usersStore) { super(TYPE, config); this.userStore = usersStore; usersStore.addListener(new Listener()); @@ -46,7 +46,7 @@ public class ESNativeRealm extends CachingUsernamePasswordRealm { return userStore.verifyPassword(token.principal(), token.credentials()); } - class Listener implements ESNativeUsersStore.ChangeListener { + class Listener implements NativeUsersStore.ChangeListener { @Override public void onUsersChanged(List usernames) { @@ -56,14 +56,14 @@ public class ESNativeRealm extends CachingUsernamePasswordRealm { } } - public static class Factory extends Realm.Factory { + public static class Factory extends Realm.Factory { private final Settings settings; private final Environment env; - private final ESNativeUsersStore userStore; + private final NativeUsersStore userStore; @Inject - public Factory(Settings settings, Environment env, ESNativeUsersStore userStore) { + public Factory(Settings settings, Environment env, NativeUsersStore userStore) { super(TYPE, true); this.settings = settings; this.env = env; @@ -71,12 +71,12 @@ public class ESNativeRealm extends CachingUsernamePasswordRealm { } @Override - public ESNativeRealm create(RealmConfig config) { - return new ESNativeRealm(config, userStore); + public NativeRealm create(RealmConfig config) { + return new NativeRealm(config, userStore); } @Override - public ESNativeRealm createDefault(String name) { + public NativeRealm createDefault(String name) { RealmConfig config = new RealmConfig(name, Settings.EMPTY, settings, env); return create(config); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeUsersStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeUsersStore.java similarity index 99% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeUsersStore.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeUsersStore.java index 01b6f6b2765..6ec160ea571 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/ESNativeUsersStore.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esnative/NativeUsersStore.java @@ -80,7 +80,7 @@ import java.util.concurrent.atomic.AtomicReference; *

* No caching is done by this class, it is handled at a higher level */ -public class ESNativeUsersStore extends AbstractComponent implements ClusterStateListener { +public class NativeUsersStore extends AbstractComponent implements ClusterStateListener { public enum State { INITIALIZED, @@ -111,7 +111,7 @@ public class ESNativeUsersStore extends AbstractComponent implements ClusterStat private volatile boolean shieldIndexExists = false; @Inject - public ESNativeUsersStore(Settings settings, Provider clientProvider, ThreadPool threadPool) { + public NativeUsersStore(Settings settings, Provider clientProvider, ThreadPool threadPool) { super(settings); this.clientProvider = clientProvider; this.threadPool = threadPool; @@ -605,7 +605,7 @@ public class ESNativeUsersStore extends AbstractComponent implements ClusterStat // hold a reference to the client since the poller may run after the class is stopped (we don't interrupt it running) and // we reset when we test which sets the client to null... - final Client client = ESNativeUsersStore.this.client; + final Client client = NativeUsersStore.this.client; logger.trace("starting polling of user index to check for changes"); // create a copy of all known users diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileRealm.java similarity index 84% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileRealm.java index 955b93b197c..3260ec6eb85 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileRealm.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; @@ -20,14 +20,14 @@ import org.elasticsearch.watcher.ResourceWatcherService; /** * */ -public class ESUsersRealm extends CachingUsernamePasswordRealm { +public class FileRealm extends CachingUsernamePasswordRealm { - public static final String TYPE = "esusers"; + public static final String TYPE = "file"; final FileUserPasswdStore userPasswdStore; final FileUserRolesStore userRolesStore; - public ESUsersRealm(RealmConfig config, FileUserPasswdStore userPasswdStore, FileUserRolesStore userRolesStore) { + public FileRealm(RealmConfig config, FileUserPasswdStore userPasswdStore, FileUserRolesStore userRolesStore) { super(TYPE, config); Listener listener = new Listener(); this.userPasswdStore = userPasswdStore; @@ -67,7 +67,7 @@ public class ESUsersRealm extends CachingUsernamePasswordRealm { } } - public static class Factory extends UsernamePasswordRealm.Factory { + public static class Factory extends UsernamePasswordRealm.Factory { private final Settings settings; private final Environment env; @@ -82,13 +82,13 @@ public class ESUsersRealm extends CachingUsernamePasswordRealm { } @Override - public ESUsersRealm create(RealmConfig config) { - return new ESUsersRealm(config, new FileUserPasswdStore(config, watcherService), + public FileRealm create(RealmConfig config) { + return new FileRealm(config, new FileUserPasswdStore(config, watcherService), new FileUserRolesStore(config, watcherService)); } @Override - public ESUsersRealm createDefault(String name) { + public FileRealm createDefault(String name) { RealmConfig config = new RealmConfig(name, Settings.EMPTY, settings, env); return create(config); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserPasswdStore.java similarity index 94% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStore.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserPasswdStore.java index 3434592456a..a9f0941cd54 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStore.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserPasswdStore.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.common.inject.internal.Nullable; @@ -16,6 +16,7 @@ import org.elasticsearch.shield.authc.support.RefreshListener; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.support.NoOpLogger; import org.elasticsearch.shield.support.Validation; +import org.elasticsearch.shield.support.Validation.Users; import org.elasticsearch.watcher.FileChangesListener; import org.elasticsearch.watcher.FileWatcher; import org.elasticsearch.watcher.ResourceWatcherService; @@ -59,7 +60,7 @@ public class FileUserPasswdStore { file = resolveFile(config.settings(), config.env()); users = parseFileLenient(file, logger); if (users.isEmpty() && logger.isDebugEnabled()) { - logger.debug("realm [esusers] has no users"); + logger.debug("realm [file] has no users"); } FileWatcher watcher = new FileWatcher(file.getParent()); watcher.addListener(new FileListener()); @@ -117,7 +118,7 @@ public class FileUserPasswdStore { } /** - * parses the esusers file. Should never return {@code null}, if the file doesn't exist an + * parses the users file. Should never return {@code null}, if the file doesn't exist an * empty map is returned */ public static Map parseFile(Path path, @Nullable ESLogger logger) { @@ -155,7 +156,7 @@ public class FileUserPasswdStore { continue; } String username = line.substring(0, i); - Validation.Error validationError = Validation.ESUsers.validateUsername(username); + Validation.Error validationError = Users.validateUsername(username); if (validationError != null) { logger.error("invalid username [{}] in users file [{}], skipping... ({})", username, path.toAbsolutePath(), validationError); @@ -166,7 +167,7 @@ public class FileUserPasswdStore { } if (users.isEmpty()) { - logger.warn("no users found in users file [{}]. use bin/xpack/esusers to add users and role mappings", path.toAbsolutePath()); + logger.warn("no users found in users file [{}]. use bin/xpack/file to add users and role mappings", path.toAbsolutePath()); } return unmodifiableMap(users); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserRolesStore.java similarity index 98% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStore.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserRolesStore.java index 1f9476cfd6e..0b4c1efe7ab 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStore.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/FileUserRolesStore.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.common.Strings; @@ -181,7 +181,7 @@ public class FileUserRolesStore { } if (usersRoles.isEmpty()) { - logger.warn("no entries found in users_roles file [{}]. use bin/xpack/esusers to add users and role mappings", path + logger.warn("no entries found in users_roles file [{}]. use bin/xpack/file to add users and role mappings", path .toAbsolutePath()); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/tool/UsersTool.java similarity index 90% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/tool/UsersTool.java index e8f6a07a3a9..c394efdd2f3 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authc/file/tool/UsersTool.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers.tool; +package org.elasticsearch.shield.authc.file.tool; import java.nio.file.Files; import java.nio.file.Path; @@ -30,23 +30,23 @@ import org.elasticsearch.common.util.set.Sets; import org.elasticsearch.env.Environment; import org.elasticsearch.node.internal.InternalSettingsPreparer; import org.elasticsearch.shield.authc.Realms; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; -import org.elasticsearch.shield.authc.esusers.FileUserPasswdStore; -import org.elasticsearch.shield.authc.esusers.FileUserRolesStore; +import org.elasticsearch.shield.authc.file.FileUserPasswdStore; +import org.elasticsearch.shield.authc.file.FileUserRolesStore; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authz.store.FileRolesStore; import org.elasticsearch.shield.support.FileAttributesChecker; import org.elasticsearch.shield.support.Validation; +import org.elasticsearch.shield.support.Validation.Users; -public class ESUsersTool extends MultiCommand { +public class UsersTool extends MultiCommand { public static void main(String[] args) throws Exception { Environment env = InternalSettingsPreparer.prepareEnvironment(Settings.EMPTY, Terminal.DEFAULT); - exit(new ESUsersTool(env).main(args, Terminal.DEFAULT)); + exit(new UsersTool(env).main(args, Terminal.DEFAULT)); } - ESUsersTool(Environment env) { + UsersTool(Environment env) { super("Manages elasticsearch native users"); subcommands.put("useradd", new AddUserCommand(env)); subcommands.put("userdel", new DeleteUserCommand(env)); @@ -76,7 +76,7 @@ public class ESUsersTool extends MultiCommand { @Override protected void printAdditionalHelp(Terminal terminal) { - terminal.println("Adds a native user to elasticsearch (via internal realm). The user will"); + terminal.println("Adds a file based user to elasticsearch (via internal realm). The user will"); terminal.println("be added to the users file and its roles will be added to the"); terminal.println("users_roles file. If non-default files are used (different file"); terminal.println("locations are configured in elasticsearch.yml) the appropriate files"); @@ -88,7 +88,7 @@ public class ESUsersTool extends MultiCommand { @Override protected void execute(Terminal terminal, OptionSet options) throws Exception { String username = parseUsername(arguments.values(options)); - Validation.Error validationError = Validation.ESUsers.validateUsername(username); + Validation.Error validationError = Users.validateUsername(username); if (validationError != null) { throw new UserError(ExitCodes.DATA_ERROR, "Invalid username [" + username + "]... " + validationError); } @@ -96,7 +96,7 @@ public class ESUsersTool extends MultiCommand { char[] password = parsePassword(terminal, passwordOption.value(options)); String[] roles = parseRoles(terminal, env, rolesOption.value(options)); - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); Path passwordFile = FileUserPasswdStore.resolveFile(esusersSettings, env); Path rolesFile = FileUserRolesStore.resolveFile(esusersSettings, env); FileAttributesChecker attributesChecker = new FileAttributesChecker(passwordFile, rolesFile); @@ -125,14 +125,14 @@ public class ESUsersTool extends MultiCommand { private final OptionSpec arguments; DeleteUserCommand(Environment env) { - super("Deletes a native user"); + super("Deletes a file based user"); this.env = env; this.arguments = parser.nonOptions("username"); } @Override protected void printAdditionalHelp(Terminal terminal) { - terminal.println("Removes an existing native user from elasticsearch. The user will be"); + terminal.println("Removes an existing file based user from elasticsearch. The user will be"); terminal.println("removed from the users file and its roles will be removed to the"); terminal.println("users_roles file. If non-default files are used (different file"); terminal.println("locations are configured in elasticsearch.yml) the appropriate files"); @@ -144,7 +144,7 @@ public class ESUsersTool extends MultiCommand { @Override protected void execute(Terminal terminal, OptionSet options) throws Exception { String username = parseUsername(arguments.values(options)); - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); Path passwordFile = FileUserPasswdStore.resolveFile(esusersSettings, env); Path rolesFile = FileUserRolesStore.resolveFile(esusersSettings, env); FileAttributesChecker attributesChecker = new FileAttributesChecker(passwordFile, rolesFile); @@ -179,7 +179,7 @@ public class ESUsersTool extends MultiCommand { private final OptionSpec arguments; PasswordCommand(Environment env) { - super("Changes the password of an existing native user"); + super("Changes the password of an existing file based user"); this.env = env; this.passwordOption = parser.acceptsAll(Arrays.asList("p", "password"), "The user password") @@ -189,7 +189,7 @@ public class ESUsersTool extends MultiCommand { @Override protected void printAdditionalHelp(Terminal terminal) { - terminal.println("The passwd command changes passwords for native user accounts. The tool"); + terminal.println("The passwd command changes passwords for files based users. The tool"); terminal.println("prompts twice for a replacement password. The second entry is compared"); terminal.println("against the first and both are required to match in order for the"); terminal.println("password to be changed. If non-default users file is used (a different"); @@ -203,7 +203,7 @@ public class ESUsersTool extends MultiCommand { String username = parseUsername(arguments.values(options)); char[] password = parsePassword(terminal, passwordOption.value(options)); - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); Path file = FileUserPasswdStore.resolveFile(esusersSettings, env); FileAttributesChecker attributesChecker = new FileAttributesChecker(file); Map users = new HashMap<>(FileUserPasswdStore.parseFile(file, null)); @@ -238,9 +238,9 @@ public class ESUsersTool extends MultiCommand { @Override protected void printAdditionalHelp(Terminal terminal) { - terminal.println("The roles command allows to edit roles for an existing user."); - terminal.println("corresponding roles. Alternatively you can also list just a"); - terminal.println("single users roles, if you do not specify the -a or the -r parameter."); + terminal.println("The roles command allows editing roles for file based users."); + terminal.println("You can also list a user's roles by omitting the -a and -r"); + terminal.println("parameters."); terminal.println(""); } @@ -258,7 +258,7 @@ public class ESUsersTool extends MultiCommand { return; } - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); Path usersFile = FileUserPasswdStore.resolveFile(esusersSettings, env); Path rolesFile = FileUserRolesStore.resolveFile(esusersSettings, env); FileAttributesChecker attributesChecker = new FileAttributesChecker(usersFile, rolesFile); @@ -295,7 +295,7 @@ public class ESUsersTool extends MultiCommand { private final OptionSpec arguments; ListCommand(Environment env) { - super("List existing users and their corresponding roles"); + super("List existing file based users and their corresponding roles"); this.env = env; this.arguments = parser.nonOptions("username"); } @@ -318,7 +318,7 @@ public class ESUsersTool extends MultiCommand { // pkg private for tests static void listUsersAndRoles(Terminal terminal, Environment env, String username) throws Exception { - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); Path userRolesFilePath = FileUserRolesStore.resolveFile(esusersSettings, env); Set knownRoles = FileRolesStore.parseFileForRoleNames(userRolesFilePath, null); Map userRoles = FileUserRolesStore.parseFile(userRolesFilePath, null); @@ -403,7 +403,7 @@ public class ESUsersTool extends MultiCommand { throw new UserError(ExitCodes.USAGE, "Expected a single username argument, found extra: " + args.toString()); } String username = args.get(0); - Validation.Error validationError = Validation.ESUsers.validateUsername(username); + Validation.Error validationError = Users.validateUsername(username); if (validationError != null) { throw new UserError(ExitCodes.DATA_ERROR, "Invalid username [" + username + "]... " + validationError); } @@ -415,13 +415,13 @@ public class ESUsersTool extends MultiCommand { char[] password; if (passwordStr != null) { password = passwordStr.toCharArray(); - Validation.Error validationError = Validation.ESUsers.validatePassword(password); + Validation.Error validationError = Users.validatePassword(password); if (validationError != null) { throw new UserError(ExitCodes.DATA_ERROR, "Invalid password..." + validationError); } } else { password = terminal.readSecret("Enter new password: "); - Validation.Error validationError = Validation.ESUsers.validatePassword(password); + Validation.Error validationError = Users.validatePassword(password); if (validationError != null) { throw new UserError(ExitCodes.DATA_ERROR, "Invalid password..." + validationError); } @@ -459,7 +459,7 @@ public class ESUsersTool extends MultiCommand { } } - Settings esusersSettings = Realms.internalRealmSettings(env.settings(), ESUsersRealm.TYPE); + Settings esusersSettings = Realms.fileRealmSettings(env.settings()); verifyRoles(terminal, esusersSettings, env, roles); return roles; diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/AuthorizationModule.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/AuthorizationModule.java index 75922795585..5fcbf1d079f 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/AuthorizationModule.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/AuthorizationModule.java @@ -6,10 +6,10 @@ package org.elasticsearch.shield.authz; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authc.esnative.NativeUsersStore; import org.elasticsearch.shield.authz.store.CompositeRolesStore; import org.elasticsearch.shield.authz.store.FileRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.shield.authz.store.RolesStore; import org.elasticsearch.shield.support.AbstractShieldModule; @@ -27,10 +27,10 @@ public class AuthorizationModule extends AbstractShieldModule.Node { // First the file and native roles stores must be bound... bind(FileRolesStore.class).asEagerSingleton(); - bind(ESNativeRolesStore.class).asEagerSingleton(); + bind(NativeRolesStore.class).asEagerSingleton(); // Then the composite roles store (which combines both) can be bound bind(RolesStore.class).to(CompositeRolesStore.class).asEagerSingleton(); - bind(ESNativeUsersStore.class).asEagerSingleton(); + bind(NativeUsersStore.class).asEagerSingleton(); bind(AuthorizationService.class).to(InternalAuthorizationService.class).asEagerSingleton(); } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/CompositeRolesStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/CompositeRolesStore.java index 3306f254a6a..a68fd493afa 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/CompositeRolesStore.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/CompositeRolesStore.java @@ -6,7 +6,6 @@ package org.elasticsearch.shield.authz.store; import org.elasticsearch.common.inject.Inject; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; import org.elasticsearch.shield.authz.permission.Role; /** @@ -16,10 +15,10 @@ import org.elasticsearch.shield.authz.permission.Role; public class CompositeRolesStore implements RolesStore { private final FileRolesStore fileRolesStore; - private final ESNativeRolesStore nativeRolesStore; + private final NativeRolesStore nativeRolesStore; @Inject - public CompositeRolesStore(FileRolesStore fileRolesStore, ESNativeRolesStore nativeRolesStore) { + public CompositeRolesStore(FileRolesStore fileRolesStore, NativeRolesStore nativeRolesStore) { this.fileRolesStore = fileRolesStore; this.nativeRolesStore = nativeRolesStore; } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/esnative/ESNativeRolesStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/NativeRolesStore.java similarity index 98% rename from elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/esnative/ESNativeRolesStore.java rename to elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/NativeRolesStore.java index 9aa527fa4e5..14cd3e28876 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/esnative/ESNativeRolesStore.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/NativeRolesStore.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authz.esnative; +package org.elasticsearch.shield.authz.store; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.action.ActionListener; @@ -74,7 +74,7 @@ import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder; * * No caching is done by this class, it is handled at a higher level */ -public class ESNativeRolesStore extends AbstractComponent implements RolesStore, ClusterStateListener { +public class NativeRolesStore extends AbstractComponent implements RolesStore, ClusterStateListener { public enum State { INITIALIZED, @@ -101,14 +101,14 @@ public class ESNativeRolesStore extends AbstractComponent implements RolesStore, private volatile boolean shieldIndexExists = false; @Inject - public ESNativeRolesStore(Settings settings, Provider clientProvider, ThreadPool threadPool) { + public NativeRolesStore(Settings settings, Provider clientProvider, ThreadPool threadPool) { super(settings); this.clientProvider = clientProvider; this.threadPool = threadPool; } public boolean canStart(ClusterState clusterState, boolean master) { - if (state() != ESNativeRolesStore.State.INITIALIZED) { + if (state() != NativeRolesStore.State.INITIALIZED) { return false; } @@ -489,7 +489,7 @@ public class ESNativeRolesStore extends AbstractComponent implements RolesStore, // hold a reference to the client since the poller may run after the class is stopped (we don't interrupt it running) and // we reset when we test which sets the client to null... - final Client client = ESNativeRolesStore.this.client; + final Client client = NativeRolesStore.this.client; logger.trace("starting polling of roles index to check for changes"); SearchResponse response = null; diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/support/Validation.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/support/Validation.java index e82b4b50432..6c541bf9413 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/support/Validation.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/support/Validation.java @@ -14,7 +14,7 @@ public final class Validation { private static final Pattern COMMON_NAME_PATTERN = Pattern.compile("[a-zA-Z_][a-zA-Z0-9_@\\-\\$\\.]{0,29}"); - public static final class ESUsers { + public static final class Users { private static final int MIN_PASSWD_LENGTH = 6; diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java index f6ab01f40d6..0db655986c1 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java @@ -245,7 +245,7 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase { List realms = new ArrayList<>(); for (Realms nodeRealms : internalCluster().getInstances(Realms.class)) { - realms.add(nodeRealms.realm("esusers")); + realms.add(nodeRealms.realm("file")); } // we authenticate each user on each of the realms to make sure they're all cached diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index 065326da13f..597e9805695 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -19,7 +19,7 @@ import org.elasticsearch.shield.ShieldTemplateService; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.authz.RoleDescriptor; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.shield.client.SecurityClient; import org.elasticsearch.test.NativeRealmIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; @@ -65,7 +65,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { ensureGreen(ShieldTemplateService.SECURITY_INDEX_NAME); // warm up the caches on every node - for (ESNativeRolesStore rolesStore : internalCluster().getInstances(ESNativeRolesStore.class)) { + for (NativeRolesStore rolesStore : internalCluster().getInstances(NativeRolesStore.class)) { for (String role : roles) { assertThat(rolesStore.role(role), notNullValue()); } @@ -112,7 +112,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { final boolean refresh = randomBoolean(); for (String role : toModify) { UpdateResponse response = internalClient().prepareUpdate().setId(role).setIndex(ShieldTemplateService.SECURITY_INDEX_NAME) - .setType(ESNativeRolesStore.ROLE_DOC_TYPE) + .setType(NativeRolesStore.ROLE_DOC_TYPE) .setDoc("run_as", new String[] { role }) .setRefresh(refresh) .get(); @@ -156,7 +156,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { logger.debug("--> deleting role [{}]", role); final boolean refresh = randomBoolean(); DeleteResponse response = internalClient() - .prepareDelete(ShieldTemplateService.SECURITY_INDEX_NAME, ESNativeRolesStore.ROLE_DOC_TYPE, role) + .prepareDelete(ShieldTemplateService.SECURITY_INDEX_NAME, NativeRolesStore.ROLE_DOC_TYPE, role) .setRefresh(refresh) .get(); assertThat(response.isFound(), is(true)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java index f4db49b3530..0f745b25045 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java @@ -84,7 +84,7 @@ public class SettingsFilterTests extends ShieldIntegTestCase { return Settings.builder().put(super.nodeSettings(nodeOrdinal)) .put(NetworkModule.HTTP_ENABLED.getKey(), true) - .put("shield.authc.realms.esusers.type", "esusers") + .put("shield.authc.realms.file.type", "file") // ldap realm filtering .put("shield.authc.realms.ldap1.type", "ldap") diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldF.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldF.java index c4561a98406..a5dba0b0006 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldF.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldF.java @@ -12,8 +12,8 @@ import org.elasticsearch.common.io.PathUtils; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.node.MockNode; import org.elasticsearch.node.Node; -import org.elasticsearch.shield.authc.esnative.ESNativeRealm; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.esnative.NativeRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.test.ShieldTestUtils; import org.elasticsearch.test.ShieldSettingsSource; import org.elasticsearch.xpack.XPackPlugin; @@ -50,12 +50,12 @@ public class ShieldF { } Path folder = ShieldTestUtils.createFolder(ShieldTestUtils.createFolder(PathUtils.get(homeDir), "config"), "shield"); - settings.put("shield.authc.realms.esusers.type", ESUsersRealm.TYPE); - settings.put("shield.authc.realms.esusers.order", "0"); - settings.put("shield.authc.realms.esusers.files.users", writeFile(folder, "users", ShieldSettingsSource.CONFIG_STANDARD_USER)); - settings.put("shield.authc.realms.esusers.files.users_roles", writeFile(folder, "users_roles", + settings.put("shield.authc.realms.file.type", FileRealm.TYPE); + settings.put("shield.authc.realms.file.order", "0"); + settings.put("shield.authc.realms.file.files.users", writeFile(folder, "users", ShieldSettingsSource.CONFIG_STANDARD_USER)); + settings.put("shield.authc.realms.file.files.users_roles", writeFile(folder, "users_roles", ShieldSettingsSource.CONFIG_STANDARD_USER_ROLES)); - settings.put("shield.authc.realms.esnative.type", ESNativeRealm.TYPE); + settings.put("shield.authc.realms.esnative.type", NativeRealm.TYPE); settings.put("shield.authc.realms.esnative.order", "1"); settings.put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", ShieldSettingsSource.CONFIG_ROLE_ALLOW_ALL)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/AuthenticationModuleTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/AuthenticationModuleTests.java index cf26468ae76..cff68baa61c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/AuthenticationModuleTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/AuthenticationModuleTests.java @@ -7,7 +7,7 @@ package org.elasticsearch.shield.authc; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.activedirectory.ActiveDirectoryRealm; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.authc.ldap.LdapRealm; import org.elasticsearch.shield.authc.pki.PkiRealm; import org.elasticsearch.test.ESTestCase; @@ -22,9 +22,9 @@ public class AuthenticationModuleTests extends ESTestCase { Settings settings = Settings.EMPTY; AuthenticationModule module = new AuthenticationModule(settings); try { - module.addCustomRealm(randomFrom(PkiRealm.TYPE, LdapRealm.TYPE, ActiveDirectoryRealm.TYPE, ESUsersRealm.TYPE), + module.addCustomRealm(randomFrom(PkiRealm.TYPE, LdapRealm.TYPE, ActiveDirectoryRealm.TYPE, FileRealm.TYPE), randomFrom(PkiRealm.Factory.class, LdapRealm.Factory.class, ActiveDirectoryRealm.Factory.class, - ESUsersRealm.Factory.class)); + FileRealm.Factory.class)); fail("overriding a built in realm type is not allowed!"); } catch (IllegalArgumentException e) { assertThat(e.getMessage(), containsString("cannot redefine")); @@ -37,7 +37,7 @@ public class AuthenticationModuleTests extends ESTestCase { try { module.addCustomRealm(randomBoolean() ? null : "", randomFrom(PkiRealm.Factory.class, LdapRealm.Factory.class, ActiveDirectoryRealm.Factory.class, - ESUsersRealm.Factory.class)); + FileRealm.Factory.class)); fail("type must not be null"); } catch (IllegalArgumentException e) { assertThat(e.getMessage(), containsString("null or empty")); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java index c3e832807b3..a77a3d06ff3 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/InternalAuthenticationServiceTests.java @@ -81,7 +81,7 @@ public class InternalAuthenticationServiceTests extends ESTestCase { message = new InternalMessage(); restRequest = new FakeRestRequest(); firstRealm = mock(Realm.class); - when(firstRealm.type()).thenReturn("esusers"); + when(firstRealm.type()).thenReturn("file"); secondRealm = mock(Realm.class); when(secondRealm.type()).thenReturn("second"); Settings settings = Settings.builder().put("path.home", createTempDir()).build(); @@ -154,7 +154,7 @@ public class InternalAuthenticationServiceTests extends ESTestCase { User result = service.authenticate("_action", message, null); assertThat(result, notNullValue()); assertThat(result, is(user)); - verify(auditTrail).authenticationFailed("esusers", token, "_action", message); + verify(auditTrail).authenticationFailed("file", token, "_action", message); User user1 = threadContext.getTransient(InternalAuthenticationService.USER_KEY); assertThat(user1, notNullValue()); assertThat(user1, sameInstance(user)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RealmsTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RealmsTests.java index 1d6cbe3a7db..4a549536ef6 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RealmsTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RealmsTests.java @@ -9,8 +9,8 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.env.Environment; import org.elasticsearch.shield.User; -import org.elasticsearch.shield.authc.esnative.ESNativeRealm; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.esnative.NativeRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.authc.ldap.LdapRealm; import org.elasticsearch.shield.license.ShieldLicenseState; import org.elasticsearch.test.ESTestCase; @@ -42,8 +42,8 @@ public class RealmsTests extends ESTestCase { @Before public void init() throws Exception { factories = new HashMap<>(); - factories.put(ESUsersRealm.TYPE, new DummyRealm.Factory(ESUsersRealm.TYPE, true)); - factories.put(ESNativeRealm.TYPE, new DummyRealm.Factory(ESNativeRealm.TYPE, true)); + factories.put(FileRealm.TYPE, new DummyRealm.Factory(FileRealm.TYPE, true)); + factories.put(NativeRealm.TYPE, new DummyRealm.Factory(NativeRealm.TYPE, true)); for (int i = 0; i < randomIntBetween(1, 5); i++) { DummyRealm.Factory factory = new DummyRealm.Factory("type_" + i, rarely()); factories.put("type_" + i, factory); @@ -82,9 +82,9 @@ public class RealmsTests extends ESTestCase { public void testWithSettingsWithMultipleInternalRealmsOfSameType() throws Exception { Settings settings = Settings.builder() - .put("shield.authc.realms.realm_1.type", ESUsersRealm.TYPE) + .put("shield.authc.realms.realm_1.type", FileRealm.TYPE) .put("shield.authc.realms.realm_1.order", 0) - .put("shield.authc.realms.realm_2.type", ESUsersRealm.TYPE) + .put("shield.authc.realms.realm_2.type", FileRealm.TYPE) .put("shield.authc.realms.realm_2.order", 1) .put("path.home", createTempDir()) .build(); @@ -93,7 +93,7 @@ public class RealmsTests extends ESTestCase { new Realms(settings, env, factories, shieldLicenseState).start(); fail("Expected IllegalArgumentException"); } catch (IllegalArgumentException e) { - assertThat(e.getMessage(), containsString("multiple [esusers] realms are configured")); + assertThat(e.getMessage(), containsString("multiple [file] realms are configured")); } } @@ -105,12 +105,12 @@ public class RealmsTests extends ESTestCase { assertThat(iter.hasNext(), is(true)); Realm realm = iter.next(); assertThat(realm, notNullValue()); - assertThat(realm.type(), equalTo(ESNativeRealm.TYPE)); - assertThat(realm.name(), equalTo("default_" + ESNativeRealm.TYPE)); + assertThat(realm.type(), equalTo(NativeRealm.TYPE)); + assertThat(realm.name(), equalTo("default_" + NativeRealm.TYPE)); assertThat(iter.hasNext(), is(true)); realm = iter.next(); - assertThat(realm.type(), equalTo(ESUsersRealm.TYPE)); - assertThat(realm.name(), equalTo("default_" + ESUsersRealm.TYPE)); + assertThat(realm.type(), equalTo(FileRealm.TYPE)); + assertThat(realm.name(), equalTo("default_" + FileRealm.TYPE)); assertThat(iter.hasNext(), is(false)); } @@ -145,7 +145,7 @@ public class RealmsTests extends ESTestCase { i = 0; when(shieldLicenseState.customRealmsEnabled()).thenReturn(false); for (Realm realm : realms) { - assertThat(realm.type, isOneOf(ESUsersRealm.TYPE, ESNativeRealm.TYPE)); + assertThat(realm.type, isOneOf(FileRealm.TYPE, NativeRealm.TYPE)); i++; } assertThat(i, is(2)); @@ -213,12 +213,12 @@ public class RealmsTests extends ESTestCase { Integer index = orderToIndex.get(realm.order()); if (index == null) { // Default realms are inserted when factories size is 1 and enabled is false - assertThat(realm.type(), equalTo(ESNativeRealm.TYPE)); - assertThat(realm.name(), equalTo("default_" + ESNativeRealm.TYPE)); + assertThat(realm.type(), equalTo(NativeRealm.TYPE)); + assertThat(realm.name(), equalTo("default_" + NativeRealm.TYPE)); assertThat(iterator.hasNext(), is(true)); realm = iterator.next(); - assertThat(realm.type(), equalTo(ESUsersRealm.TYPE)); - assertThat(realm.name(), equalTo("default_" + ESUsersRealm.TYPE)); + assertThat(realm.type(), equalTo(FileRealm.TYPE)); + assertThat(realm.name(), equalTo("default_" + FileRealm.TYPE)); assertThat(iterator.hasNext(), is(false)); } else { assertThat(realm.type(), equalTo("type_" + index)); @@ -275,7 +275,7 @@ public class RealmsTests extends ESTestCase { @Override public DummyRealm createDefault(String name) { - if (type().equals(ESNativeRealm.TYPE) || type().equals(ESUsersRealm.TYPE)) { + if (type().equals(NativeRealm.TYPE) || type().equals(FileRealm.TYPE)) { return new DummyRealm(type(), new RealmConfig(name, Settings.EMPTY, Settings.builder().put("path.home", createTempDir()).build())); } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/ESNativeTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/NativeRealmIntegTests.java similarity index 99% rename from elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/ESNativeTests.java rename to elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/NativeRealmIntegTests.java index b139a589628..df8c8859651 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/ESNativeTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esnative/NativeRealmIntegTests.java @@ -38,7 +38,7 @@ import static org.hamcrest.Matchers.is; /** * Tests for the ESNativeUsersStore and ESNativeRolesStore */ -public class ESNativeTests extends NativeRealmIntegTestCase { +public class NativeRealmIntegTests extends NativeRealmIntegTestCase { public void testDeletingNonexistingUserAndRole() throws Exception { SecurityClient c = securityClient(); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/ESUsersRealmTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileRealmTests.java similarity index 77% rename from elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/ESUsersRealmTests.java rename to elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileRealmTests.java index 63971d2b6a4..59a7e584330 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/ESUsersRealmTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileRealmTests.java @@ -3,35 +3,21 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; -import org.elasticsearch.action.Action; -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.ActionRequest; -import org.elasticsearch.action.ActionRequestValidationException; -import org.elasticsearch.client.AdminClient; -import org.elasticsearch.client.Client; -import org.elasticsearch.client.ClusterAdminClient; -import org.elasticsearch.client.IndicesAdminClient; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; -import org.elasticsearch.rest.BaseRestHandler; -import org.elasticsearch.rest.RestChannel; -import org.elasticsearch.rest.RestController; -import org.elasticsearch.rest.RestRequest; import org.elasticsearch.shield.User; import org.elasticsearch.shield.authc.RealmConfig; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredStringTests; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.transport.TransportRequest; import org.elasticsearch.watcher.ResourceWatcherService; import org.junit.Before; import java.util.Locale; -import static java.util.Collections.emptySet; import static org.hamcrest.Matchers.arrayContaining; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; @@ -48,17 +34,14 @@ import static org.mockito.Mockito.when; /** * */ -public class ESUsersRealmTests extends ESTestCase { - private Client client; - private AdminClient adminClient; +public class FileRealmTests extends ESTestCase { + private FileUserPasswdStore userPasswdStore; private FileUserRolesStore userRolesStore; private Settings globalSettings; @Before public void init() throws Exception { - client = mock(Client.class); - adminClient = mock(AdminClient.class); userPasswdStore = mock(FileUserPasswdStore.class); userRolesStore = mock(FileUserRolesStore.class); globalSettings = Settings.builder().put("path.home", createTempDir()).build(); @@ -67,8 +50,8 @@ public class ESUsersRealmTests extends ESTestCase { public void testAuthenticate() throws Exception { when(userPasswdStore.verifyPassword("user1", SecuredStringTests.build("test123"))).thenReturn(true); when(userRolesStore.roles("user1")).thenReturn(new String[] { "role1", "role2" }); - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user = realm.authenticate(new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); assertThat(user, notNullValue()); assertThat(user.principal(), equalTo("user1")); @@ -81,22 +64,22 @@ public class ESUsersRealmTests extends ESTestCase { Settings settings = Settings.builder() .put("cache.hash_algo", Hasher.values()[randomIntBetween(0, Hasher.values().length - 1)].name().toLowerCase(Locale.ROOT)) .build(); - RealmConfig config = new RealmConfig("esusers-test", settings, globalSettings); + RealmConfig config = new RealmConfig("file-test", settings, globalSettings); when(userPasswdStore.verifyPassword("user1", SecuredStringTests.build("test123"))).thenReturn(true); when(userRolesStore.roles("user1")).thenReturn(new String[]{"role1", "role2"}); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user1 = realm.authenticate(new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); User user2 = realm.authenticate(new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); assertThat(user1, sameInstance(user2)); } public void testAuthenticateCachingRefresh() throws Exception { - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); userPasswdStore = spy(new UserPasswdStore(config)); userRolesStore = spy(new UserRolesStore(config)); doReturn(true).when(userPasswdStore).verifyPassword("user1", SecuredStringTests.build("test123")); doReturn(new String[] { "role1", "role2" }).when(userRolesStore).roles("user1"); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user1 = realm.authenticate(new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); User user2 = realm.authenticate(new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); assertThat(user1, sameInstance(user2)); @@ -113,10 +96,10 @@ public class ESUsersRealmTests extends ESTestCase { } public void testToken() throws Exception { - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); when(userPasswdStore.verifyPassword("user1", SecuredStringTests.build("test123"))).thenReturn(true); when(userRolesStore.roles("user1")).thenReturn(new String[]{"role1", "role2"}); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); UsernamePasswordToken.putTokenHeader(threadContext, new UsernamePasswordToken("user1", SecuredStringTests.build("test123"))); @@ -131,8 +114,8 @@ public class ESUsersRealmTests extends ESTestCase { public void testLookup() throws Exception { when(userPasswdStore.userExists("user1")).thenReturn(true); when(userRolesStore.roles("user1")).thenReturn(new String[] { "role1", "role2" }); - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user = realm.lookupUser("user1"); @@ -146,8 +129,8 @@ public class ESUsersRealmTests extends ESTestCase { public void testLookupCaching() throws Exception { when(userPasswdStore.userExists("user1")).thenReturn(true); when(userRolesStore.roles("user1")).thenReturn(new String[] { "role1", "role2" }); - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user = realm.lookupUser("user1"); User user1 = realm.lookupUser("user1"); @@ -157,12 +140,12 @@ public class ESUsersRealmTests extends ESTestCase { } public void testLookupCachingWithRefresh() throws Exception { - RealmConfig config = new RealmConfig("esusers-test", Settings.EMPTY, globalSettings); + RealmConfig config = new RealmConfig("file-test", Settings.EMPTY, globalSettings); userPasswdStore = spy(new UserPasswdStore(config)); userRolesStore = spy(new UserRolesStore(config)); doReturn(true).when(userPasswdStore).userExists("user1"); doReturn(new String[] { "role1", "role2" }).when(userRolesStore).roles("user1"); - ESUsersRealm realm = new ESUsersRealm(config, userPasswdStore, userRolesStore); + FileRealm realm = new FileRealm(config, userPasswdStore, userRolesStore); User user1 = realm.lookupUser("user1"); User user2 = realm.lookupUser("user1"); assertThat(user1, sameInstance(user2)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStoreTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserPasswdStoreTests.java similarity index 96% rename from elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStoreTests.java rename to elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserPasswdStoreTests.java index 3aa9452ea3b..de255c6d51f 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStoreTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserPasswdStoreTests.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; import org.elasticsearch.common.SuppressLoggerChecks; import org.elasticsearch.common.logging.ESLogger; @@ -81,7 +81,7 @@ public class FileUserPasswdStoreTests extends ESTestCase { .put("files.users", file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); FileUserPasswdStore store = new FileUserPasswdStore(config, watcherService); assertThat(store.usersCount(), is(0)); @@ -97,7 +97,7 @@ public class FileUserPasswdStoreTests extends ESTestCase { .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); final CountDownLatch latch = new CountDownLatch(1); @@ -136,7 +136,7 @@ public class FileUserPasswdStoreTests extends ESTestCase { .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); final CountDownLatch latch = new CountDownLatch(1); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStoreTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserRolesStoreTests.java similarity index 96% rename from elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStoreTests.java rename to elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserRolesStoreTests.java index 4fea9ddab16..14b16899d0e 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStoreTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/FileUserRolesStoreTests.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers; +package org.elasticsearch.shield.authc.file; import org.elasticsearch.common.Strings; import org.elasticsearch.common.SuppressLoggerChecks; @@ -83,7 +83,7 @@ public class FileUserRolesStoreTests extends ESTestCase { .put("files.users_roles", file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); FileUserRolesStore store = new FileUserRolesStore(config, watcherService); assertThat(store.entriesCount(), is(0)); @@ -98,7 +98,7 @@ public class FileUserRolesStoreTests extends ESTestCase { .put("files.users_roles", tmp.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); final CountDownLatch latch = new CountDownLatch(1); @@ -141,7 +141,7 @@ public class FileUserRolesStoreTests extends ESTestCase { .put("files.users_roles", tmp.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); final CountDownLatch latch = new CountDownLatch(1); @@ -237,7 +237,7 @@ public class FileUserRolesStoreTests extends ESTestCase { .build(); Environment env = new Environment(settings); - RealmConfig config = new RealmConfig("esusers-test", esusersSettings, settings, env); + RealmConfig config = new RealmConfig("file-test", esusersSettings, settings, env); ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool); FileUserRolesStore store = new FileUserRolesStore(config, watcherService); assertThat(store.roles("user"), equalTo(Strings.EMPTY_ARRAY)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersToolTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/tool/UsersToolTests.java similarity index 94% rename from elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersToolTests.java rename to elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/tool/UsersToolTests.java index 5abf9d00aad..89af9b4017c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersToolTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/file/tool/UsersToolTests.java @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -package org.elasticsearch.shield.authc.esusers.tool; +package org.elasticsearch.shield.authc.file.tool; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -32,7 +32,7 @@ import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; -public class ESUsersToolTests extends CommandTestCase { +public class UsersToolTests extends CommandTestCase { // the mock filesystem we use so permissions/users/groups can be modified static FileSystem jimfs; @@ -77,7 +77,7 @@ public class ESUsersToolTests extends CommandTestCase { ), StandardCharsets.UTF_8); settingsBuilder = Settings.builder() .put("path.home", homeDir) - .put("shield.authc.realms.esusers.type", "esusers"); + .put("shield.authc.realms.file.type", "file"); } @AfterClass @@ -89,7 +89,7 @@ public class ESUsersToolTests extends CommandTestCase { @Override protected Command newCommand() { - return new ESUsersTool(new Environment(settingsBuilder.build())); + return new UsersTool(new Environment(settingsBuilder.build())); } /** checks the user exists with the given password */ @@ -166,7 +166,7 @@ public class ESUsersToolTests extends CommandTestCase { public void testParseInvalidUsername() throws Exception { UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parseUsername(Collections.singletonList("$34dkl")); + UsersTool.parseUsername(Collections.singletonList("$34dkl")); }); assertEquals(ExitCodes.DATA_ERROR, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Invalid username")); @@ -174,7 +174,7 @@ public class ESUsersToolTests extends CommandTestCase { public void testParseUsernameMissing() throws Exception { UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parseUsername(Collections.emptyList()); + UsersTool.parseUsername(Collections.emptyList()); }); assertEquals(ExitCodes.USAGE, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Missing username argument")); @@ -182,7 +182,7 @@ public class ESUsersToolTests extends CommandTestCase { public void testParseUsernameExtraArgs() throws Exception { UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parseUsername(Arrays.asList("username", "extra")); + UsersTool.parseUsername(Arrays.asList("username", "extra")); }); assertEquals(ExitCodes.USAGE, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Expected a single username argument")); @@ -190,7 +190,7 @@ public class ESUsersToolTests extends CommandTestCase { public void testParseInvalidPasswordOption() throws Exception { UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parsePassword(terminal, "123"); + UsersTool.parsePassword(terminal, "123"); }); assertEquals(ExitCodes.DATA_ERROR, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Invalid password")); @@ -199,7 +199,7 @@ public class ESUsersToolTests extends CommandTestCase { public void testParseInvalidPasswordInput() throws Exception { terminal.addSecretInput("123"); UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parsePassword(terminal, null); + UsersTool.parsePassword(terminal, null); }); assertEquals(ExitCodes.DATA_ERROR, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Invalid password")); @@ -209,28 +209,28 @@ public class ESUsersToolTests extends CommandTestCase { terminal.addSecretInput("password1"); terminal.addSecretInput("password2"); UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parsePassword(terminal, null); + UsersTool.parsePassword(terminal, null); }); assertEquals(ExitCodes.DATA_ERROR, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Password mismatch")); } public void testParseUnknownRole() throws Exception { - ESUsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "test_r1,r2,r3"); + UsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "test_r1,r2,r3"); String output = terminal.getOutput(); assertTrue(output, output.contains("The following roles [r2,r3] are unknown")); } public void testParseInvalidRole() throws Exception { UserError e = expectThrows(UserError.class, () -> { - ESUsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "$345"); + UsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "$345"); }); assertEquals(ExitCodes.DATA_ERROR, e.exitCode); assertTrue(e.getMessage(), e.getMessage().contains("Invalid role [$345]")); } public void testParseMultipleRoles() throws Exception { - String[] roles = ESUsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "test_r1,test_r2"); + String[] roles = UsersTool.parseRoles(terminal, new Environment(settingsBuilder.build()), "test_r1,test_r2"); assertEquals(Objects.toString(roles), 2, roles.length); assertEquals("test_r1", roles[0]); assertEquals("test_r2", roles[1]); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiAuthenticationTests.java index 0fff9b02200..aa62e055f51 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiAuthenticationTests.java @@ -54,8 +54,8 @@ public class PkiAuthenticationTests extends ShieldIntegTestCase { .put(NetworkModule.HTTP_ENABLED.getKey(), true) .put(ShieldNettyHttpServerTransport.HTTP_SSL_SETTING, true) .put(ShieldNettyHttpServerTransport.HTTP_CLIENT_AUTH_SETTING, sslClientAuth) - .put("shield.authc.realms.esusers.type", "esusers") - .put("shield.authc.realms.esusers.order", "0") + .put("shield.authc.realms.file.type", "file") + .put("shield.authc.realms.file.order", "0") .put("shield.authc.realms.pki1.type", "pki") .put("shield.authc.realms.pki1.order", "1") .put("shield.authc.realms.pki1.truststore.path", diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 300b257d3fd..fc28a541bb6 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -56,8 +56,8 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { .put(NetworkModule.HTTP_ENABLED.getKey(), true) .put(ShieldNettyHttpServerTransport.HTTP_SSL_SETTING, true) .put(ShieldNettyHttpServerTransport.HTTP_CLIENT_AUTH_SETTING, SSLClientAuth.OPTIONAL) - .put("shield.authc.realms.esusers.type", "esusers") - .put("shield.authc.realms.esusers.order", "0") + .put("shield.authc.realms.file.type", "file") + .put("shield.authc.realms.file.order", "0") .put("shield.authc.realms.pki1.type", "pki") .put("shield.authc.realms.pki1.order", "1") .put("shield.authc.realms.pki1.truststore.path", diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/support/ValidationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/support/ValidationTests.java index 5ca8d3e74c4..a3b58547942 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/support/ValidationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/support/ValidationTests.java @@ -5,6 +5,7 @@ */ package org.elasticsearch.shield.support; +import org.elasticsearch.shield.support.Validation.Users; import org.elasticsearch.test.ESTestCase; import java.util.Arrays; @@ -49,7 +50,7 @@ public class ValidationTests extends ESTestCase { public void testESUsersValidateUsername() throws Exception { int length = randomIntBetween(1, 30); String name = new String(generateValidName(length)); - assertThat(Validation.ESUsers.validateUsername(name), nullValue()); + assertThat(Users.validateUsername(name), nullValue()); } public void testESUsersValidateUsernameInvalidLength() throws Exception { @@ -58,22 +59,22 @@ public class ValidationTests extends ESTestCase { if (length > 0) { name = generateValidName(length); } - assertThat(Validation.ESUsers.validateUsername(new String(name)), notNullValue()); + assertThat(Users.validateUsername(new String(name)), notNullValue()); } public void testESUsersValidateUsernameInvalidCharacters() throws Exception { int length = randomIntBetween(1, 30); // valid length String name = new String(generateInvalidName(length)); - assertThat(Validation.ESUsers.validateUsername(name), notNullValue()); + assertThat(Users.validateUsername(name), notNullValue()); } public void testESUsersValidatePassword() throws Exception { String passwd = randomAsciiOfLength(randomIntBetween(0, 20)); logger.info("{}[{}]", passwd, passwd.length()); if (passwd.length() >= 6) { - assertThat(Validation.ESUsers.validatePassword(passwd.toCharArray()), nullValue()); + assertThat(Users.validatePassword(passwd.toCharArray()), nullValue()); } else { - assertThat(Validation.ESUsers.validatePassword(passwd.toCharArray()), notNullValue()); + assertThat(Users.validatePassword(passwd.toCharArray()), notNullValue()); } } @@ -89,13 +90,13 @@ public class ValidationTests extends ESTestCase { if (length > 0) { name = generateValidName(length); } - assertThat(Validation.ESUsers.validateUsername(new String(name)), notNullValue()); + assertThat(Users.validateUsername(new String(name)), notNullValue()); } public void testRolesValidateRoleNameInvalidCharacters() throws Exception { int length = randomIntBetween(1, 30); // valid length String name = new String(generateInvalidName(length)); - assertThat(Validation.ESUsers.validateUsername(name), notNullValue()); + assertThat(Users.validateUsername(name), notNullValue()); } private static char[] generateValidName(int length) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterIntegrationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterIntegrationTests.java index 48c60bec691..796f13f9a49 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterIntegrationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ServerTransportFilterIntegrationTests.java @@ -15,10 +15,9 @@ import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.discovery.MasterNotDiscoveredException; import org.elasticsearch.node.MockNode; import org.elasticsearch.node.Node; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.crypto.InternalCryptoService; import org.elasticsearch.test.ShieldIntegTestCase; -import org.elasticsearch.test.ShieldSettingsSource; import org.elasticsearch.transport.Transport; import org.elasticsearch.xpack.XPackPlugin; import org.junit.BeforeClass; @@ -119,10 +118,10 @@ public class ServerTransportFilterIntegrationTests extends ShieldIntegTestCase { // test that starting up a node works Settings nodeSettings = settingsBuilder() - .put("shield.authc.realms.esusers.type", ESUsersRealm.TYPE) - .put("shield.authc.realms.esusers.order", 0) - .put("shield.authc.realms.esusers.files.users", writeFile(folder, "users", configUsers())) - .put("shield.authc.realms.esusers.files.users_roles", writeFile(folder, "users_roles", configUsersRoles())) + .put("shield.authc.realms.file.type", FileRealm.TYPE) + .put("shield.authc.realms.file.order", 0) + .put("shield.authc.realms.file.files.users", writeFile(folder, "users", configUsers())) + .put("shield.authc.realms.file.files.users_roles", writeFile(folder, "users_roles", configUsersRoles())) .put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", configRoles())) .put(getSSLSettingsForStore("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks", "testnode")) .put("node.mode", "network") diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/NativeRealmIntegTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/NativeRealmIntegTestCase.java index f517663cda4..be83d942c6d 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/NativeRealmIntegTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/NativeRealmIntegTestCase.java @@ -7,8 +7,8 @@ package org.elasticsearch.test; import org.elasticsearch.index.IndexNotFoundException; import org.elasticsearch.shield.ShieldTemplateService; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; +import org.elasticsearch.shield.authc.esnative.NativeUsersStore; +import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.shield.client.SecurityClient; import org.junit.After; import org.junit.Before; @@ -23,20 +23,20 @@ public abstract class NativeRealmIntegTestCase extends ShieldIntegTestCase { @Before public void ensureNativeStoresStarted() throws Exception { - for (ESNativeUsersStore store : internalCluster().getInstances(ESNativeUsersStore.class)) { + for (NativeUsersStore store : internalCluster().getInstances(NativeUsersStore.class)) { assertBusy(new Runnable() { @Override public void run() { - assertThat(store.state(), is(ESNativeUsersStore.State.STARTED)); + assertThat(store.state(), is(NativeUsersStore.State.STARTED)); } }); } - for (ESNativeRolesStore store : internalCluster().getInstances(ESNativeRolesStore.class)) { + for (NativeRolesStore store : internalCluster().getInstances(NativeRolesStore.class)) { assertBusy(new Runnable() { @Override public void run() { - assertThat(store.state(), is(ESNativeRolesStore.State.STARTED)); + assertThat(store.state(), is(NativeRolesStore.State.STARTED)); } }); } @@ -44,25 +44,25 @@ public abstract class NativeRealmIntegTestCase extends ShieldIntegTestCase { @After public void stopESNativeStores() throws Exception { - for (ESNativeUsersStore store : internalCluster().getInstances(ESNativeUsersStore.class)) { + for (NativeUsersStore store : internalCluster().getInstances(NativeUsersStore.class)) { store.stop(); // the store may already be stopping so wait until it is stopped assertBusy(new Runnable() { @Override public void run() { - assertThat(store.state(), isOneOf(ESNativeUsersStore.State.STOPPED, ESNativeUsersStore.State.FAILED)); + assertThat(store.state(), isOneOf(NativeUsersStore.State.STOPPED, NativeUsersStore.State.FAILED)); } }); store.reset(); } - for (ESNativeRolesStore store : internalCluster().getInstances(ESNativeRolesStore.class)) { + for (NativeRolesStore store : internalCluster().getInstances(NativeRolesStore.class)) { store.stop(); // the store may already be stopping so wait until it is stopped assertBusy(new Runnable() { @Override public void run() { - assertThat(store.state(), isOneOf(ESNativeRolesStore.State.STOPPED, ESNativeRolesStore.State.FAILED)); + assertThat(store.state(), isOneOf(NativeRolesStore.State.STOPPED, NativeRolesStore.State.FAILED)); } }); store.reset(); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldIntegTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldIntegTestCase.java index 8866c705029..340c6ab3fd1 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldIntegTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldIntegTestCase.java @@ -12,21 +12,15 @@ import org.elasticsearch.client.Client; import org.elasticsearch.client.node.NodeClient; import org.elasticsearch.cluster.health.ClusterHealthStatus; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.index.IndexNotFoundException; import org.elasticsearch.plugins.Plugin; import org.elasticsearch.shield.InternalClient; -import org.elasticsearch.shield.Shield; -import org.elasticsearch.shield.ShieldTemplateService; -import org.elasticsearch.shield.authc.esnative.ESNativeUsersStore; import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.shield.authz.esnative.ESNativeRolesStore; import org.elasticsearch.shield.client.SecurityClient; import org.elasticsearch.test.ESIntegTestCase.SuppressLocalMode; import org.elasticsearch.test.transport.AssertingLocalTransport; import org.elasticsearch.test.transport.MockTransportService; import org.elasticsearch.xpack.XPackClient; import org.elasticsearch.xpack.XPackPlugin; -import org.junit.After; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; @@ -45,7 +39,6 @@ import java.util.stream.Collectors; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertNoTimeout; import static org.hamcrest.Matchers.is; -import static org.hamcrest.Matchers.isOneOf; import static org.hamcrest.core.IsCollectionContaining.hasItem; /** diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldSettingsSource.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldSettingsSource.java index 356faf4a430..655b99902c2 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldSettingsSource.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/test/ShieldSettingsSource.java @@ -11,8 +11,8 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.marvel.Marvel; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; -import org.elasticsearch.shield.authc.esnative.ESNativeRealm; +import org.elasticsearch.shield.authc.file.FileRealm; +import org.elasticsearch.shield.authc.esnative.NativeRealm; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.crypto.InternalCryptoService; @@ -126,11 +126,11 @@ public class ShieldSettingsSource extends ClusterDiscoveryConfiguration.UnicastZ .put("shield.audit.logfile.prefix.emit_node_host_name", randomBoolean()) .put("shield.audit.logfile.prefix.emit_node_name", randomBoolean()) .put(InternalCryptoService.FILE_SETTING, writeFile(folder, "system_key", systemKey)) - .put("shield.authc.realms.esusers.type", ESUsersRealm.TYPE) - .put("shield.authc.realms.esusers.order", 0) - .put("shield.authc.realms.esusers.files.users", writeFile(folder, "users", configUsers())) - .put("shield.authc.realms.esusers.files.users_roles", writeFile(folder, "users_roles", configUsersRoles())) - .put("shield.authc.realms.index.type", ESNativeRealm.TYPE) + .put("shield.authc.realms.file.type", FileRealm.TYPE) + .put("shield.authc.realms.file.order", 0) + .put("shield.authc.realms.file.files.users", writeFile(folder, "users", configUsers())) + .put("shield.authc.realms.file.files.users_roles", writeFile(folder, "users_roles", configUsersRoles())) + .put("shield.authc.realms.index.type", NativeRealm.TYPE) .put("shield.authc.realms.index.order", "1") .put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", configRoles())) .put(getNodeSSLSettings()); diff --git a/elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/esusers/users b/elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/file/users similarity index 100% rename from elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/esusers/users rename to elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/file/users diff --git a/elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/esusers/users_roles b/elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/file/users_roles similarity index 100% rename from elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/esusers/users_roles rename to elasticsearch/x-pack/shield/src/test/resources/org/elasticsearch/shield/authc/file/users_roles diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java index 0c958f27ec8..042ca0e80f9 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java @@ -27,7 +27,7 @@ import org.elasticsearch.plugins.Plugin; import org.elasticsearch.script.MockMustacheScriptEngine; import org.elasticsearch.search.SearchHit; import org.elasticsearch.search.builder.SearchSourceBuilder; -import org.elasticsearch.shield.authc.esusers.ESUsersRealm; +import org.elasticsearch.shield.authc.file.FileRealm; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.crypto.InternalCryptoService; @@ -709,10 +709,10 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase Path folder = createTempDir().resolve("watcher_shield"); Files.createDirectories(folder); return builder.put("shield.enabled", true) - .put("shield.authc.realms.esusers.type", ESUsersRealm.TYPE) - .put("shield.authc.realms.esusers.order", 0) - .put("shield.authc.realms.esusers.files.users", writeFile(folder, "users", USERS)) - .put("shield.authc.realms.esusers.files.users_roles", writeFile(folder, "users_roles", USER_ROLES)) + .put("shield.authc.realms.file.type", FileRealm.TYPE) + .put("shield.authc.realms.file.order", 0) + .put("shield.authc.realms.file.files.users", writeFile(folder, "users", USERS)) + .put("shield.authc.realms.file.files.users_roles", writeFile(folder, "users_roles", USER_ROLES)) .put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", ROLES)) .put("shield.system_key.file", writeFile(folder, "system_key.yml", systemKey)) .put("shield.authc.sign_user_header", false)