mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-26 14:54:56 +00:00
Fixed comments on Transport service filter commit
- Fixed a bug in the logic of applying the indices group permission check - For the rest, mainly cosmetics refactoring (renaming & redundant code removal) Original commit: elastic/x-pack-elasticsearch@748575dc2e
This commit is contained in:
parent
6a7c537ad6
commit
1728c2a381
@ -71,10 +71,10 @@ public class UsernamePasswordToken implements AuthenticationToken {
|
||||
}
|
||||
|
||||
public static void putTokenHeader(TransportRequest request, UsernamePasswordToken token) {
|
||||
request.putHeader("Authorization", headerValue(token.username, token.password));
|
||||
request.putHeader("Authorization", basicAuthHeaderValue(token.username, token.password));
|
||||
}
|
||||
|
||||
public static String headerValue(String username, char[] passwd) {
|
||||
public static String basicAuthHeaderValue(String username, char[] passwd) {
|
||||
String basicToken = username + ":" + new String(passwd);
|
||||
basicToken = new String(Base64.encodeBase64(basicToken.getBytes(Charsets.UTF_8)), Charsets.UTF_8);
|
||||
return "Basic " + basicToken;
|
||||
|
@ -234,11 +234,11 @@ public interface Permission {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for (String index : explodeWildcards((IndicesRequest) request, metaData)) {
|
||||
if (!indexNameMatcher.apply(index)) {
|
||||
return false;
|
||||
} else {
|
||||
for (String index : explodeWildcards((IndicesRequest) request, metaData)) {
|
||||
if (!indexNameMatcher.apply(index)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -135,19 +135,19 @@ public class SecuredTransportService extends TransportService {
|
||||
|
||||
@Override
|
||||
public void sendResponse(TransportResponse response) throws IOException {
|
||||
if (proceed(response)) {
|
||||
if (filter(response)) {
|
||||
channel.sendResponse(response);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sendResponse(TransportResponse response, TransportResponseOptions options) throws IOException {
|
||||
if (proceed(response)) {
|
||||
if (filter(response)) {
|
||||
channel.sendResponse(response, options);
|
||||
}
|
||||
}
|
||||
|
||||
private boolean proceed(TransportResponse response) throws IOException {
|
||||
private boolean filter(TransportResponse response) throws IOException {
|
||||
try {
|
||||
filter.outboundResponse(channel.action(), response);
|
||||
} catch (Throwable t) {
|
||||
|
@ -23,7 +23,7 @@ import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
|
||||
import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.headerValue;
|
||||
import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
|
||||
import static org.elasticsearch.test.ElasticsearchIntegrationTest.ClusterScope;
|
||||
import static org.elasticsearch.test.ElasticsearchIntegrationTest.Scope;
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
@ -44,6 +44,7 @@ public class ShieldPluginTests extends ElasticsearchIntegrationTest {
|
||||
File folder = newFolder();
|
||||
ImmutableSettings.Builder builder = ImmutableSettings.builder()
|
||||
.put("plugin.types", SecurityPlugin.class.getName())
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put("shield.audit.enabled", true)
|
||||
.put("shield.authc.esusers.files.users", copyFile(folder, "users"))
|
||||
.put("shield.authc.esusers.files.users_roles", copyFile(folder, "users_roles"))
|
||||
@ -51,7 +52,7 @@ public class ShieldPluginTests extends ElasticsearchIntegrationTest {
|
||||
.put("shield.n2n.file", copyFile(folder, "ip_filter.yml"))
|
||||
.put(TransportModule.TRANSPORT_SERVICE_TYPE_KEY, SecuredTransportService.class.getName())
|
||||
// for the test internal node clients
|
||||
.put("request.headers.Authorization", headerValue("test_user", "changeme".toCharArray()));
|
||||
.put("request.headers.Authorization", basicAuthHeaderValue("test_user", "changeme".toCharArray()));
|
||||
|
||||
if (OsUtils.MAC) {
|
||||
builder.put("network.host", randomBoolean() ? "127.0.0.1" : "::1");
|
||||
@ -64,7 +65,7 @@ public class ShieldPluginTests extends ElasticsearchIntegrationTest {
|
||||
@Override
|
||||
protected Settings transportClientSettings() {
|
||||
return ImmutableSettings.builder()
|
||||
.put("request.headers.Authorization", headerValue("test_user", "changeme".toCharArray()))
|
||||
.put("request.headers.Authorization", basicAuthHeaderValue("test_user", "changeme".toCharArray()))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
@ -25,7 +25,7 @@ public class SSLConfigTests extends ElasticsearchTestCase {
|
||||
|
||||
@Before
|
||||
public void setup() throws Exception {
|
||||
testnodeStore = new File(getClass().getResource("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.jks").toURI());
|
||||
testnodeStore = new File(getClass().getResource("certs/simple/testnode.jks").toURI());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -89,7 +89,6 @@ public class SslIntegrationTests extends ElasticsearchIntegrationTest {
|
||||
.put("shield.http.ssl.truststore_password", "testnode")
|
||||
// SSL SETUP
|
||||
.put("http.type", NettySecuredHttpServerTransportModule.class.getName())
|
||||
.put("plugins.load_classpath_plugins", false)
|
||||
.put("plugin.types", N2NPlugin.class.getName())
|
||||
.put(TransportModule.TRANSPORT_TYPE_KEY, NettySecuredTransportModule.class.getName())
|
||||
.put("shield.n2n.file", ipFilterFile.getPath());
|
||||
|
Loading…
x
Reference in New Issue
Block a user