Logging: Drop Settings from security logger get calls (#33940)
`Settings` is no longer required to get a `Logger` and we went to quite a bit of effort to pass it to the `Logger` getters. This removes the `Settings` from all of the logger fetches in security and x-pack:core.
This commit is contained in:
parent
15515a616e
commit
33a264a408
|
@ -6,6 +6,7 @@
|
|||
package org.elasticsearch.license;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.apache.logging.log4j.util.Supplier;
|
||||
import org.elasticsearch.Version;
|
||||
|
@ -14,7 +15,6 @@ import org.elasticsearch.cluster.ClusterStateUpdateTask;
|
|||
import org.elasticsearch.cluster.metadata.MetaData;
|
||||
import org.elasticsearch.cluster.service.ClusterService;
|
||||
import org.elasticsearch.common.Nullable;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.xpack.core.XPackPlugin;
|
||||
|
||||
|
@ -22,6 +22,7 @@ import java.time.Clock;
|
|||
import java.util.UUID;
|
||||
|
||||
public class StartupSelfGeneratedLicenseTask extends ClusterStateUpdateTask {
|
||||
private static final Logger logger = LogManager.getLogger(StartupSelfGeneratedLicenseTask.class);
|
||||
|
||||
/**
|
||||
* Max number of nodes licensed by generated trial license
|
||||
|
@ -31,13 +32,11 @@ public class StartupSelfGeneratedLicenseTask extends ClusterStateUpdateTask {
|
|||
private final Settings settings;
|
||||
private final Clock clock;
|
||||
private final ClusterService clusterService;
|
||||
private final Logger logger;
|
||||
|
||||
public StartupSelfGeneratedLicenseTask(Settings settings, Clock clock, ClusterService clusterService) {
|
||||
this.settings = settings;
|
||||
this.clock = clock;
|
||||
this.clusterService = clusterService;
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -6,8 +6,8 @@
|
|||
package org.elasticsearch.xpack.core.security;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.Version;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext.StoredContext;
|
||||
|
@ -23,8 +23,8 @@ import java.util.function.Consumer;
|
|||
* A lightweight utility that can find the current user and authentication information for the local thread.
|
||||
*/
|
||||
public class SecurityContext {
|
||||
private final Logger logger = LogManager.getLogger(SecurityContext.class);
|
||||
|
||||
private final Logger logger;
|
||||
private final ThreadContext threadContext;
|
||||
private final UserSettings userSettings;
|
||||
private final String nodeName;
|
||||
|
@ -35,9 +35,8 @@ public class SecurityContext {
|
|||
* and {@link UserSettings#getAuthentication()} will always return null.
|
||||
*/
|
||||
public SecurityContext(Settings settings, ThreadContext threadContext) {
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
this.threadContext = threadContext;
|
||||
this.userSettings = new UserSettings(settings, threadContext);
|
||||
this.userSettings = new UserSettings(threadContext);
|
||||
this.nodeName = Node.NODE_NAME_SETTING.get(settings);
|
||||
}
|
||||
|
||||
|
|
|
@ -6,8 +6,7 @@
|
|||
package org.elasticsearch.xpack.core.security;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.xpack.core.security.authc.Authentication;
|
||||
import org.elasticsearch.xpack.core.security.user.User;
|
||||
|
@ -15,15 +14,14 @@ import org.elasticsearch.xpack.core.security.user.User;
|
|||
import java.io.IOException;
|
||||
|
||||
public final class UserSettings {
|
||||
private final Logger logger;
|
||||
private final Logger logger = LogManager.getLogger(UserSettings.class);
|
||||
|
||||
private final ThreadContext threadContext;
|
||||
|
||||
UserSettings(Settings settings, ThreadContext threadContext) {
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
UserSettings(ThreadContext threadContext) {
|
||||
this.threadContext = threadContext;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Returns the current user information, or null if the current request has no authentication info.
|
||||
*/
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
package org.elasticsearch.xpack.core.security.authc;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.action.ActionListener;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -25,7 +26,7 @@ import java.util.Map;
|
|||
*/
|
||||
public abstract class Realm implements Comparable<Realm> {
|
||||
|
||||
protected final Logger logger;
|
||||
protected final Logger logger = LogManager.getLogger(getClass());
|
||||
protected final String type;
|
||||
|
||||
public String getType() {
|
||||
|
@ -37,7 +38,6 @@ public abstract class Realm implements Comparable<Realm> {
|
|||
public Realm(String type, RealmConfig config) {
|
||||
this.type = type;
|
||||
this.config = config;
|
||||
this.logger = config.logger(getClass());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -5,8 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.core.security.authc;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.env.Environment;
|
||||
|
@ -59,10 +57,6 @@ public class RealmConfig {
|
|||
return globalSettings;
|
||||
}
|
||||
|
||||
public Logger logger(Class clazz) {
|
||||
return Loggers.getLogger(clazz, globalSettings);
|
||||
}
|
||||
|
||||
public Environment env() {
|
||||
return env;
|
||||
}
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
package org.elasticsearch.xpack.core.security.authz.accesscontrol;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.lucene.index.DirectoryReader;
|
||||
import org.apache.lucene.index.LeafReaderContext;
|
||||
import org.apache.lucene.search.BooleanQuery;
|
||||
|
@ -30,14 +31,12 @@ import org.elasticsearch.ElasticsearchParseException;
|
|||
import org.elasticsearch.ExceptionsHelper;
|
||||
import org.elasticsearch.common.bytes.BytesReference;
|
||||
import org.elasticsearch.common.logging.LoggerMessageFormat;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.lucene.search.Queries;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.common.xcontent.LoggingDeprecationHandler;
|
||||
import org.elasticsearch.common.xcontent.NamedXContentRegistry;
|
||||
import org.elasticsearch.common.xcontent.XContentFactory;
|
||||
import org.elasticsearch.common.xcontent.XContentParser;
|
||||
import org.elasticsearch.index.IndexSettings;
|
||||
import org.elasticsearch.index.cache.bitset.BitsetFilterCache;
|
||||
import org.elasticsearch.index.engine.EngineException;
|
||||
import org.elasticsearch.index.query.BoolQueryBuilder;
|
||||
|
@ -89,19 +88,18 @@ import static org.apache.lucene.search.BooleanClause.Occur.SHOULD;
|
|||
* instance.
|
||||
*/
|
||||
public class SecurityIndexSearcherWrapper extends IndexSearcherWrapper {
|
||||
private static final Logger logger = LogManager.getLogger(SecurityIndexSearcherWrapper.class);
|
||||
|
||||
private final Function<ShardId, QueryShardContext> queryShardContextProvider;
|
||||
private final BitsetFilterCache bitsetFilterCache;
|
||||
private final XPackLicenseState licenseState;
|
||||
private final ThreadContext threadContext;
|
||||
private final Logger logger;
|
||||
private final ScriptService scriptService;
|
||||
|
||||
public SecurityIndexSearcherWrapper(IndexSettings indexSettings, Function<ShardId, QueryShardContext> queryShardContextProvider,
|
||||
public SecurityIndexSearcherWrapper(Function<ShardId, QueryShardContext> queryShardContextProvider,
|
||||
BitsetFilterCache bitsetFilterCache, ThreadContext threadContext, XPackLicenseState licenseState,
|
||||
ScriptService scriptService) {
|
||||
this.scriptService = scriptService;
|
||||
this.logger = Loggers.getLogger(getClass(), indexSettings.getSettings());
|
||||
this.queryShardContextProvider = queryShardContextProvider;
|
||||
this.bitsetFilterCache = bitsetFilterCache;
|
||||
this.threadContext = threadContext;
|
||||
|
|
|
@ -30,12 +30,10 @@ import java.util.Objects;
|
|||
public final class RestrictedTrustConfig extends TrustConfig {
|
||||
|
||||
private static final String RESTRICTIONS_KEY_SUBJECT_NAME = "trust.subject_name";
|
||||
private final Settings settings;
|
||||
private final String groupConfigPath;
|
||||
private final TrustConfig delegate;
|
||||
|
||||
RestrictedTrustConfig(Settings settings, String groupConfigPath, TrustConfig delegate) {
|
||||
this.settings = settings;
|
||||
RestrictedTrustConfig(String groupConfigPath, TrustConfig delegate) {
|
||||
this.groupConfigPath = Objects.requireNonNull(groupConfigPath);
|
||||
this.delegate = Objects.requireNonNull(delegate);
|
||||
}
|
||||
|
@ -45,7 +43,7 @@ public final class RestrictedTrustConfig extends TrustConfig {
|
|||
try {
|
||||
final X509ExtendedTrustManager delegateTrustManager = delegate.createTrustManager(environment);
|
||||
final CertificateTrustRestrictions trustGroupConfig = readTrustGroup(resolveGroupConfigPath(environment));
|
||||
return new RestrictedTrustManager(settings, delegateTrustManager, trustGroupConfig);
|
||||
return new RestrictedTrustManager(delegateTrustManager, trustGroupConfig);
|
||||
} catch (IOException e) {
|
||||
throw new ElasticsearchException("failed to initialize TrustManager for {}", e, toString());
|
||||
}
|
||||
|
|
|
@ -6,9 +6,8 @@
|
|||
package org.elasticsearch.xpack.core.ssl;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
@ -35,15 +34,14 @@ import java.util.stream.Collectors;
|
|||
* The underlying certificate validation is delegated to another TrustManager.
|
||||
*/
|
||||
public final class RestrictedTrustManager extends X509ExtendedTrustManager {
|
||||
|
||||
private static final Logger logger = LogManager.getLogger(RestrictedTrustManager.class);
|
||||
private static final String CN_OID = "2.5.4.3";
|
||||
private static final int SAN_CODE_OTHERNAME = 0;
|
||||
private final Logger logger;
|
||||
|
||||
private final X509ExtendedTrustManager delegate;
|
||||
private final CertificateTrustRestrictions trustRestrictions;
|
||||
|
||||
public RestrictedTrustManager(Settings settings, X509ExtendedTrustManager delegate, CertificateTrustRestrictions restrictions) {
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
public RestrictedTrustManager(X509ExtendedTrustManager delegate, CertificateTrustRestrictions restrictions) {
|
||||
this.delegate = delegate;
|
||||
this.trustRestrictions = restrictions;
|
||||
logger.debug("Configured with trust restrictions: [{}]", restrictions);
|
||||
|
|
|
@ -206,7 +206,7 @@ public final class SSLConfiguration {
|
|||
private static TrustConfig createTrustConfig(Settings settings, KeyConfig keyConfig, SSLConfiguration global) {
|
||||
final TrustConfig trustConfig = createCertChainTrustConfig(settings, keyConfig, global);
|
||||
return SETTINGS_PARSER.trustRestrictionsPath.get(settings)
|
||||
.map(path -> (TrustConfig) new RestrictedTrustConfig(settings, path, trustConfig))
|
||||
.map(path -> (TrustConfig) new RestrictedTrustConfig(path, trustConfig))
|
||||
.orElse(trustConfig);
|
||||
}
|
||||
|
||||
|
|
|
@ -6,7 +6,6 @@
|
|||
package org.elasticsearch.xpack.core.watcher.transform;
|
||||
|
||||
import org.elasticsearch.ElasticsearchParseException;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentParser;
|
||||
import org.elasticsearch.xpack.core.watcher.transform.chain.ChainTransform;
|
||||
import org.elasticsearch.xpack.core.watcher.transform.chain.ChainTransformFactory;
|
||||
|
@ -20,9 +19,9 @@ public class TransformRegistry {
|
|||
|
||||
private final Map<String, TransformFactory> factories;
|
||||
|
||||
public TransformRegistry(Settings settings, Map<String, TransformFactory> factories) {
|
||||
public TransformRegistry(Map<String, TransformFactory> factories) {
|
||||
Map<String, TransformFactory> map = new HashMap<>(factories);
|
||||
map.put(ChainTransform.TYPE, new ChainTransformFactory(settings, this));
|
||||
map.put(ChainTransform.TYPE, new ChainTransformFactory(this));
|
||||
this.factories = Collections.unmodifiableMap(map);
|
||||
}
|
||||
|
||||
|
|
|
@ -5,8 +5,7 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.core.watcher.transform.chain;
|
||||
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.common.xcontent.XContentParser;
|
||||
import org.elasticsearch.xpack.core.watcher.transform.ExecutableTransform;
|
||||
import org.elasticsearch.xpack.core.watcher.transform.Transform;
|
||||
|
@ -20,8 +19,8 @@ public final class ChainTransformFactory extends TransformFactory<ChainTransform
|
|||
|
||||
private final TransformRegistry registry;
|
||||
|
||||
public ChainTransformFactory(Settings settings, TransformRegistry registry) {
|
||||
super(Loggers.getLogger(ExecutableChainTransform.class, settings));
|
||||
public ChainTransformFactory(TransformRegistry registry) {
|
||||
super(LogManager.getLogger(ExecutableChainTransform.class));
|
||||
this.registry = registry;
|
||||
}
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ public class SecurityIndexSearcherWrapperIntegrationTests extends ESTestCase {
|
|||
});
|
||||
XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
||||
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(true);
|
||||
SecurityIndexSearcherWrapper wrapper = new SecurityIndexSearcherWrapper(indexSettings, s -> queryShardContext,
|
||||
SecurityIndexSearcherWrapper wrapper = new SecurityIndexSearcherWrapper(s -> queryShardContext,
|
||||
bitsetFilterCache, threadContext, licenseState, scriptService) {
|
||||
|
||||
@Override
|
||||
|
|
|
@ -152,7 +152,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
|
||||
public void testDefaultMetaFields() throws Exception {
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService) {
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService) {
|
||||
@Override
|
||||
protected IndicesAccessControl getIndicesAccessControl() {
|
||||
IndicesAccessControl.IndexAccessControl indexAccessControl = new IndicesAccessControl.IndexAccessControl(true,
|
||||
|
@ -182,14 +182,14 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
public void testWrapReaderWhenFeatureDisabled() throws Exception {
|
||||
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(false);
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService);
|
||||
DirectoryReader reader = securityIndexSearcherWrapper.wrap(esIn);
|
||||
assertThat(reader, sameInstance(esIn));
|
||||
}
|
||||
|
||||
public void testWrapSearcherWhenFeatureDisabled() throws Exception {
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService);
|
||||
IndexSearcher indexSearcher = new IndexSearcher(esIn);
|
||||
IndexSearcher result = securityIndexSearcherWrapper.wrap(indexSearcher);
|
||||
assertThat(result, sameInstance(indexSearcher));
|
||||
|
@ -228,7 +228,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
DirectoryReader directoryReader = DocumentSubsetReader.wrap(esIn, bitsetFilterCache, new MatchAllDocsQuery());
|
||||
IndexSearcher indexSearcher = new IndexSearcher(directoryReader);
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService);
|
||||
IndexSearcher result = securityIndexSearcherWrapper.wrap(indexSearcher);
|
||||
assertThat(result, not(sameInstance(indexSearcher)));
|
||||
assertThat(result.getSimilarity(), sameInstance(indexSearcher.getSimilarity()));
|
||||
|
@ -237,7 +237,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
|
||||
public void testIntersectScorerAndRoleBits() throws Exception {
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService);
|
||||
final Directory directory = newDirectory();
|
||||
IndexWriter iw = new IndexWriter(
|
||||
directory,
|
||||
|
@ -326,7 +326,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
|
||||
public void testFieldPermissionsWithFieldExceptions() throws Exception {
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, null);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, null);
|
||||
String[] grantedFields = new String[]{};
|
||||
String[] deniedFields;
|
||||
Set<String> expected = new HashSet<>(META_FIELDS);
|
||||
|
@ -427,7 +427,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
User user = new User("_username", new String[]{"role1", "role2"}, "_full_name", "_email",
|
||||
Collections.singletonMap("key", "value"), true);
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService) {
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService) {
|
||||
|
||||
@Override
|
||||
protected User getUser() {
|
||||
|
@ -475,7 +475,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase {
|
|||
|
||||
public void testSkipTemplating() throws Exception {
|
||||
securityIndexSearcherWrapper =
|
||||
new SecurityIndexSearcherWrapper(indexSettings, null, null, threadContext, licenseState, scriptService);
|
||||
new SecurityIndexSearcherWrapper(null, null, threadContext, licenseState, scriptService);
|
||||
XContentBuilder builder = jsonBuilder();
|
||||
String querySource = Strings.toString(new TermQueryBuilder("field", "value").toXContent(builder, ToXContent.EMPTY_PARAMS));
|
||||
String result = securityIndexSearcherWrapper.evaluateTemplate(querySource);
|
||||
|
|
|
@ -69,7 +69,7 @@ public class RestrictedTrustConfigTests extends ESTestCase {
|
|||
}
|
||||
};
|
||||
|
||||
final RestrictedTrustConfig restrictedTrustConfig = new RestrictedTrustConfig(settings, groupConfigPath.toString(), delegate);
|
||||
final RestrictedTrustConfig restrictedTrustConfig = new RestrictedTrustConfig(groupConfigPath.toString(), delegate);
|
||||
List<Path> filesToMonitor = restrictedTrustConfig.filesToMonitor(environment);
|
||||
List<Path> expectedPathList = new ArrayList<>(otherFiles);
|
||||
expectedPathList.add(groupConfigPath);
|
||||
|
|
|
@ -6,8 +6,7 @@
|
|||
package org.elasticsearch.xpack.core.ssl;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.test.ESTestCase;
|
||||
import org.hamcrest.Description;
|
||||
import org.hamcrest.TypeSafeMatcher;
|
||||
|
@ -50,7 +49,7 @@ public class RestrictedTrustManagerTests extends ESTestCase {
|
|||
|
||||
@BeforeClass
|
||||
public static void ensureSupportedLocale() throws Exception {
|
||||
Logger logger = Loggers.getLogger(RestrictedTrustManagerTests.class);
|
||||
Logger logger = LogManager.getLogger(RestrictedTrustManagerTests.class);
|
||||
if (isUnusableLocale()) {
|
||||
// See: https://github.com/elastic/elasticsearch/issues/33081
|
||||
logger.warn("Attempting to run RestrictedTrustManagerTests tests in an unusable locale in a FIPS JVM. Certificate expiration " +
|
||||
|
@ -129,7 +128,7 @@ public class RestrictedTrustManagerTests extends ESTestCase {
|
|||
trustedNames.add("node" + node + ".cluster" + trustedCluster + ".elasticsearch");
|
||||
}
|
||||
final CertificateTrustRestrictions restrictions = new CertificateTrustRestrictions(trustedNames);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(Settings.EMPTY, baseTrustManager, restrictions);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(baseTrustManager, restrictions);
|
||||
assertSingleClusterIsTrusted(trustedCluster, trustManager, trustedNames);
|
||||
}
|
||||
|
||||
|
@ -137,7 +136,7 @@ public class RestrictedTrustManagerTests extends ESTestCase {
|
|||
final int trustedCluster = randomIntBetween(1, numberOfClusters);
|
||||
final List<String> trustedNames = Collections.singletonList("*.cluster" + trustedCluster + ".elasticsearch");
|
||||
final CertificateTrustRestrictions restrictions = new CertificateTrustRestrictions(trustedNames);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(Settings.EMPTY, baseTrustManager, restrictions);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(baseTrustManager, restrictions);
|
||||
assertSingleClusterIsTrusted(trustedCluster, trustManager, trustedNames);
|
||||
}
|
||||
|
||||
|
@ -147,7 +146,7 @@ public class RestrictedTrustManagerTests extends ESTestCase {
|
|||
final CertificateTrustRestrictions restrictions = new CertificateTrustRestrictions(
|
||||
trustedNames
|
||||
);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(Settings.EMPTY, baseTrustManager, restrictions);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(baseTrustManager, restrictions);
|
||||
for (int cluster = 1; cluster <= numberOfClusters; cluster++) {
|
||||
for (int node = 1; node <= numberOfNodes; node++) {
|
||||
if (node == trustedNode) {
|
||||
|
@ -161,7 +160,7 @@ public class RestrictedTrustManagerTests extends ESTestCase {
|
|||
|
||||
public void testThatDelegateTrustManagerIsRespected() throws Exception {
|
||||
final CertificateTrustRestrictions restrictions = new CertificateTrustRestrictions(Collections.singletonList("*.elasticsearch"));
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(Settings.EMPTY, baseTrustManager, restrictions);
|
||||
final RestrictedTrustManager trustManager = new RestrictedTrustManager(baseTrustManager, restrictions);
|
||||
for (String cert : certificates.keySet()) {
|
||||
if (cert.endsWith("/ca")) {
|
||||
assertTrusted(trustManager, cert);
|
||||
|
|
|
@ -658,7 +658,7 @@ public class Security extends Plugin implements ActionPlugin, IngestPlugin, Netw
|
|||
assert getLicenseState() != null;
|
||||
if (XPackSettings.DLS_FLS_ENABLED.get(settings)) {
|
||||
module.setSearcherWrapper(indexService ->
|
||||
new SecurityIndexSearcherWrapper(indexService.getIndexSettings(),
|
||||
new SecurityIndexSearcherWrapper(
|
||||
shardId -> indexService.newQueryShardContext(shardId.id(),
|
||||
// we pass a null index reader, which is legal and will disable rewrite optimizations
|
||||
// based on index statistics, which is probably safer...
|
||||
|
|
|
@ -6,11 +6,11 @@
|
|||
package org.elasticsearch.xpack.security.authc;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.elasticsearch.action.ActionListener;
|
||||
import org.elasticsearch.action.bulk.BulkItemResponse;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.common.util.concurrent.AbstractRunnable;
|
||||
|
@ -35,15 +35,14 @@ import static org.elasticsearch.xpack.core.ClientHelper.executeAsyncWithOrigin;
|
|||
* Responsible for cleaning the invalidated tokens from the invalidated tokens index.
|
||||
*/
|
||||
final class ExpiredTokenRemover extends AbstractRunnable {
|
||||
private static final Logger logger = LogManager.getLogger(ExpiredTokenRemover.class);
|
||||
|
||||
private final Client client;
|
||||
private final AtomicBoolean inProgress = new AtomicBoolean(false);
|
||||
private final Logger logger;
|
||||
private final TimeValue timeout;
|
||||
|
||||
ExpiredTokenRemover(Settings settings, Client client) {
|
||||
this.client = client;
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
this.timeout = TokenService.DELETE_TIMEOUT.get(settings);
|
||||
}
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
package org.elasticsearch.xpack.security.authc.file;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.apache.logging.log4j.util.Supplier;
|
||||
import org.elasticsearch.ElasticsearchException;
|
||||
|
@ -42,8 +43,7 @@ import static java.util.Collections.emptyMap;
|
|||
import static java.util.Collections.unmodifiableMap;
|
||||
|
||||
public class FileUserPasswdStore {
|
||||
|
||||
private final Logger logger;
|
||||
private static final Logger logger = LogManager.getLogger(FileUserPasswdStore.class);
|
||||
|
||||
private final Path file;
|
||||
private final Settings settings;
|
||||
|
@ -55,7 +55,6 @@ public class FileUserPasswdStore {
|
|||
}
|
||||
|
||||
FileUserPasswdStore(RealmConfig config, ResourceWatcherService watcherService, Runnable listener) {
|
||||
logger = config.logger(FileUserPasswdStore.class);
|
||||
file = resolveFile(config.env());
|
||||
settings = config.globalSettings();
|
||||
users = parseFileLenient(file, logger, settings);
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
package org.elasticsearch.xpack.security.authc.file;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.apache.logging.log4j.util.Supplier;
|
||||
import org.elasticsearch.ElasticsearchException;
|
||||
|
@ -39,11 +40,10 @@ import static java.util.Collections.unmodifiableMap;
|
|||
import static org.elasticsearch.common.Strings.collectionToCommaDelimitedString;
|
||||
|
||||
public class FileUserRolesStore {
|
||||
private static final Logger logger = LogManager.getLogger(FileUserRolesStore.class);
|
||||
|
||||
private static final Pattern USERS_DELIM = Pattern.compile("\\s*,\\s*");
|
||||
|
||||
private final Logger logger;
|
||||
|
||||
private final Path file;
|
||||
private final CopyOnWriteArrayList<Runnable> listeners;
|
||||
private volatile Map<String, String[]> userRoles;
|
||||
|
@ -53,7 +53,6 @@ public class FileUserRolesStore {
|
|||
}
|
||||
|
||||
FileUserRolesStore(RealmConfig config, ResourceWatcherService watcherService, Runnable listener) {
|
||||
logger = config.logger(FileUserRolesStore.class);
|
||||
file = resolveFile(config.env());
|
||||
userRoles = parseFileLenient(file, logger);
|
||||
listeners = new CopyOnWriteArrayList<>(Collections.singletonList(listener));
|
||||
|
|
|
@ -11,6 +11,7 @@ import com.unboundid.ldap.sdk.LDAPURL;
|
|||
import com.unboundid.ldap.sdk.ServerSet;
|
||||
import com.unboundid.util.ssl.HostNameSSLSocketVerifier;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.action.ActionListener;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
|
@ -62,7 +63,7 @@ public abstract class SessionFactory {
|
|||
|
||||
protected SessionFactory(RealmConfig config, SSLService sslService, ThreadPool threadPool) {
|
||||
this.config = config;
|
||||
this.logger = config.logger(getClass());
|
||||
this.logger = LogManager.getLogger(getClass());
|
||||
final Settings settings = config.settings();
|
||||
TimeValue searchTimeout = settings.getAsTime(SessionFactorySettings.TIMEOUT_LDAP_SETTING, SessionFactorySettings.TIMEOUT_DEFAULT);
|
||||
if (searchTimeout.millis() < 1000L) {
|
||||
|
|
|
@ -19,7 +19,6 @@ import org.elasticsearch.ElasticsearchSecurityException;
|
|||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.collect.Tuple;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
import org.opensaml.core.xml.XMLObject;
|
||||
import org.opensaml.saml.saml2.core.Assertion;
|
||||
import org.opensaml.saml.saml2.core.Attribute;
|
||||
|
@ -52,12 +51,11 @@ class SamlAuthenticator extends SamlRequestHandler {
|
|||
|
||||
private static final String RESPONSE_TAG_NAME = "Response";
|
||||
|
||||
SamlAuthenticator(RealmConfig realmConfig,
|
||||
Clock clock,
|
||||
SamlAuthenticator(Clock clock,
|
||||
IdpConfiguration idp,
|
||||
SpConfiguration sp,
|
||||
TimeValue maxSkew) {
|
||||
super(realmConfig, clock, idp, sp, maxSkew);
|
||||
super(clock, idp, sp, maxSkew);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -23,7 +23,6 @@ import org.elasticsearch.common.Strings;
|
|||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.core.internal.io.Streams;
|
||||
import org.elasticsearch.rest.RestUtils;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
import org.opensaml.saml.common.SAMLObject;
|
||||
import org.opensaml.saml.saml2.core.EncryptedID;
|
||||
import org.opensaml.saml.saml2.core.LogoutRequest;
|
||||
|
@ -42,8 +41,8 @@ public class SamlLogoutRequestHandler extends SamlRequestHandler {
|
|||
|
||||
private static final String REQUEST_TAG_NAME = "LogoutRequest";
|
||||
|
||||
SamlLogoutRequestHandler(RealmConfig realmConfig, Clock clock, IdpConfiguration idp, SpConfiguration sp, TimeValue maxSkew) {
|
||||
super(realmConfig, clock, idp, sp, maxSkew);
|
||||
SamlLogoutRequestHandler(Clock clock, IdpConfiguration idp, SpConfiguration sp, TimeValue maxSkew) {
|
||||
super(clock, idp, sp, maxSkew);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -15,6 +15,7 @@ import org.apache.http.conn.ssl.NoopHostnameVerifier;
|
|||
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.ExceptionsHelper;
|
||||
|
@ -134,6 +135,7 @@ import static org.elasticsearch.xpack.core.security.authc.saml.SamlRealmSettings
|
|||
* are still cool and no chance to opt out
|
||||
*/
|
||||
public final class SamlRealm extends Realm implements Releasable {
|
||||
private static final Logger logger = LogManager.getLogger(SamlRealm.class);
|
||||
|
||||
public static final String USER_METADATA_NAMEID_VALUE = "saml_" + SamlAttributes.NAMEID_SYNTHENTIC_ATTRIBUTE;
|
||||
public static final String USER_METADATA_NAMEID_FORMAT = USER_METADATA_NAMEID_VALUE + "_format";
|
||||
|
@ -178,7 +180,6 @@ public final class SamlRealm extends Realm implements Releasable {
|
|||
*/
|
||||
public static SamlRealm create(RealmConfig config, SSLService sslService, ResourceWatcherService watcherService,
|
||||
UserRoleMapper roleMapper) throws Exception {
|
||||
final Logger logger = config.logger(SamlRealm.class);
|
||||
SamlUtils.initialize(logger);
|
||||
|
||||
if (TokenService.isTokenServiceEnabled(config.globalSettings()) == false) {
|
||||
|
@ -196,9 +197,9 @@ public final class SamlRealm extends Realm implements Releasable {
|
|||
final Clock clock = Clock.systemUTC();
|
||||
final IdpConfiguration idpConfiguration = getIdpConfiguration(config, metadataResolver, idpDescriptor);
|
||||
final TimeValue maxSkew = CLOCK_SKEW.get(config.settings());
|
||||
final SamlAuthenticator authenticator = new SamlAuthenticator(config, clock, idpConfiguration, serviceProvider, maxSkew);
|
||||
final SamlAuthenticator authenticator = new SamlAuthenticator(clock, idpConfiguration, serviceProvider, maxSkew);
|
||||
final SamlLogoutRequestHandler logoutHandler =
|
||||
new SamlLogoutRequestHandler(config, clock, idpConfiguration, serviceProvider, maxSkew);
|
||||
new SamlLogoutRequestHandler(clock, idpConfiguration, serviceProvider, maxSkew);
|
||||
|
||||
final SamlRealm realm = new SamlRealm(config, roleMapper, authenticator, logoutHandler, idpDescriptor, serviceProvider);
|
||||
|
||||
|
|
|
@ -6,14 +6,13 @@
|
|||
package org.elasticsearch.xpack.security.authc.saml;
|
||||
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.common.CheckedFunction;
|
||||
import org.elasticsearch.common.Nullable;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
import org.elasticsearch.xpack.security.support.RestorableContextClassLoader;
|
||||
import org.joda.time.DateTime;
|
||||
import org.opensaml.core.xml.XMLObject;
|
||||
|
@ -82,7 +81,7 @@ public class SamlRequestHandler {
|
|||
}
|
||||
});
|
||||
|
||||
protected final Logger logger;
|
||||
protected final Logger logger = LogManager.getLogger(getClass());
|
||||
|
||||
@Nullable
|
||||
protected final Decrypter decrypter;
|
||||
|
@ -93,8 +92,7 @@ public class SamlRequestHandler {
|
|||
private final TimeValue maxSkew;
|
||||
private final UnmarshallerFactory unmarshallerFactory;
|
||||
|
||||
public SamlRequestHandler(RealmConfig realmConfig, Clock clock, IdpConfiguration idp, SpConfiguration sp, TimeValue maxSkew) {
|
||||
this.logger = Loggers.getLogger(getClass(), realmConfig.globalSettings());
|
||||
public SamlRequestHandler(Clock clock, IdpConfiguration idp, SpConfiguration sp, TimeValue maxSkew) {
|
||||
this.clock = clock;
|
||||
this.idp = idp;
|
||||
this.sp = sp;
|
||||
|
|
|
@ -20,6 +20,7 @@ import java.util.concurrent.CopyOnWriteArrayList;
|
|||
import com.unboundid.ldap.sdk.DN;
|
||||
import com.unboundid.ldap.sdk.LDAPException;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.message.ParameterizedMessage;
|
||||
import org.apache.logging.log4j.util.Supplier;
|
||||
import org.elasticsearch.ElasticsearchException;
|
||||
|
@ -43,8 +44,8 @@ import static org.elasticsearch.xpack.security.authc.ldap.support.LdapUtils.rela
|
|||
* This class loads and monitors the file defining the mappings of DNs to internal ES Roles.
|
||||
*/
|
||||
public class DnRoleMapper implements UserRoleMapper {
|
||||
private static final Logger logger = LogManager.getLogger(DnRoleMapper.class);
|
||||
|
||||
protected final Logger logger;
|
||||
protected final RealmConfig config;
|
||||
|
||||
private final Path file;
|
||||
|
@ -54,7 +55,6 @@ public class DnRoleMapper implements UserRoleMapper {
|
|||
|
||||
public DnRoleMapper(RealmConfig config, ResourceWatcherService watcherService) {
|
||||
this.config = config;
|
||||
this.logger = config.logger(getClass());
|
||||
|
||||
useUnmappedGroupsAsRoles = DnRoleMapperSettings.USE_UNMAPPED_GROUPS_AS_ROLES_SETTING.get(config.settings());
|
||||
file = resolveFile(config.settings(), config.env());
|
||||
|
|
|
@ -7,6 +7,7 @@ package org.elasticsearch.xpack.security.authc.support;
|
|||
|
||||
import java.nio.file.Path;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.bootstrap.BootstrapCheck;
|
||||
import org.elasticsearch.bootstrap.BootstrapContext;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
|
@ -28,7 +29,7 @@ public class RoleMappingFileBootstrapCheck implements BootstrapCheck {
|
|||
@Override
|
||||
public BootstrapCheckResult check(BootstrapContext context) {
|
||||
try {
|
||||
DnRoleMapper.parseFile(path, realmConfig.logger(getClass()), realmConfig.type(), realmConfig.name(), true);
|
||||
DnRoleMapper.parseFile(path, LogManager.getLogger(getClass()), realmConfig.type(), realmConfig.name(), true);
|
||||
return BootstrapCheckResult.success();
|
||||
} catch (Exception e) {
|
||||
return BootstrapCheckResult.failure(e.getMessage());
|
||||
|
|
|
@ -8,9 +8,9 @@ package org.elasticsearch.xpack.security.transport.filter;
|
|||
|
||||
import io.netty.handler.ipfilter.IpFilterRuleType;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.lucene.util.SetOnce;
|
||||
import org.elasticsearch.common.collect.MapBuilder;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.ClusterSettings;
|
||||
import org.elasticsearch.common.settings.Setting;
|
||||
import org.elasticsearch.common.settings.Setting.Property;
|
||||
|
@ -96,11 +96,12 @@ public class IPFilter {
|
|||
}
|
||||
};
|
||||
|
||||
private static final Logger logger = LogManager.getLogger(IPFilter.class);
|
||||
|
||||
private final AuditTrailService auditTrail;
|
||||
private final XPackLicenseState licenseState;
|
||||
private final boolean alwaysAllowBoundAddresses;
|
||||
|
||||
private final Logger logger;
|
||||
private volatile Map<String, SecurityIpFilterRule[]> rules = Collections.emptyMap();
|
||||
private volatile boolean isIpFilterEnabled;
|
||||
private volatile boolean isHttpFilterEnabled;
|
||||
|
@ -117,7 +118,6 @@ public class IPFilter {
|
|||
|
||||
public IPFilter(final Settings settings, AuditTrailService auditTrail, ClusterSettings clusterSettings,
|
||||
XPackLicenseState licenseState) {
|
||||
this.logger = Loggers.getLogger(getClass(), settings);
|
||||
this.auditTrail = auditTrail;
|
||||
this.licenseState = licenseState;
|
||||
this.alwaysAllowBoundAddresses = ALLOW_BOUND_ADDRESSES_SETTING.get(settings);
|
||||
|
|
|
@ -17,13 +17,8 @@ import org.elasticsearch.common.CheckedConsumer;
|
|||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.collect.Tuple;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.env.TestEnvironment;
|
||||
import org.elasticsearch.xpack.core.watcher.watch.ClockMock;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Before;
|
||||
|
@ -183,10 +178,8 @@ public class SamlAuthenticatorTests extends SamlTestCase {
|
|||
this.requestId = randomId();
|
||||
}
|
||||
|
||||
private SamlAuthenticator buildAuthenticator(Supplier<List<Credential>> credentials, List<String> reqAuthnCtxClassRef) throws
|
||||
Exception {
|
||||
final Settings globalSettings = Settings.builder().put("path.home", createTempDir()).build();
|
||||
final Settings realmSettings = Settings.EMPTY;
|
||||
private SamlAuthenticator buildAuthenticator(Supplier<List<Credential>> credentials, List<String> reqAuthnCtxClassRef)
|
||||
throws Exception {
|
||||
final IdpConfiguration idp = new IdpConfiguration(IDP_ENTITY_ID, credentials);
|
||||
|
||||
final SigningConfiguration signingConfiguration = new SigningConfiguration(Collections.singleton("*"),
|
||||
|
@ -195,9 +188,7 @@ public class SamlAuthenticatorTests extends SamlTestCase {
|
|||
.map((cred) -> (X509Credential) cred).collect(Collectors.<X509Credential>toList());
|
||||
final SpConfiguration sp = new SpConfiguration(SP_ENTITY_ID, SP_ACS_URL, null, signingConfiguration, spEncryptionCredentials,
|
||||
reqAuthnCtxClassRef);
|
||||
final Environment env = TestEnvironment.newEnvironment(globalSettings);
|
||||
return new SamlAuthenticator(
|
||||
new RealmConfig("saml_test", realmSettings, globalSettings, env, new ThreadContext(globalSettings)),
|
||||
clock,
|
||||
idp,
|
||||
sp,
|
||||
|
|
|
@ -15,13 +15,8 @@ import java.util.Arrays;
|
|||
import java.util.Collections;
|
||||
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.common.util.set.Sets;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.env.TestEnvironment;
|
||||
import org.elasticsearch.xpack.core.security.authc.RealmConfig;
|
||||
import org.joda.time.DateTime;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.Before;
|
||||
|
@ -206,17 +201,13 @@ public class SamlLogoutRequestHandlerTests extends SamlTestCase {
|
|||
}
|
||||
|
||||
private SamlLogoutRequestHandler buildHandler() throws Exception {
|
||||
final Settings globalSettings = Settings.builder().put("path.home", createTempDir()).build();
|
||||
final Settings realmSettings = Settings.EMPTY;
|
||||
final IdpConfiguration idp = new IdpConfiguration(IDP_ENTITY_ID, () -> Collections.singletonList(credential));
|
||||
|
||||
final X509Credential spCredential = (X509Credential) buildOpenSamlCredential(readRandomKeyPair()).get(0);
|
||||
final SigningConfiguration signingConfiguration = new SigningConfiguration(Collections.singleton("*"), spCredential);
|
||||
final SpConfiguration sp = new SpConfiguration("https://sp.test/", "https://sp.test/saml/asc", LOGOUT_URL,
|
||||
signingConfiguration, Arrays.asList(spCredential), Collections.emptyList());
|
||||
final Environment env = TestEnvironment.newEnvironment(globalSettings);
|
||||
return new SamlLogoutRequestHandler(
|
||||
new RealmConfig("saml_test", realmSettings, globalSettings, env, new ThreadContext(globalSettings)),
|
||||
clock,
|
||||
idp,
|
||||
sp,
|
||||
|
|
|
@ -315,7 +315,7 @@ public class Watcher extends Plugin implements ActionPlugin, ScriptPlugin, Reloa
|
|||
final Map<String, TransformFactory> transformFactories = new HashMap<>();
|
||||
transformFactories.put(ScriptTransform.TYPE, new ScriptTransformFactory(settings, scriptService));
|
||||
transformFactories.put(SearchTransform.TYPE, new SearchTransformFactory(settings, client, xContentRegistry, scriptService));
|
||||
final TransformRegistry transformRegistry = new TransformRegistry(settings, Collections.unmodifiableMap(transformFactories));
|
||||
final TransformRegistry transformRegistry = new TransformRegistry(Collections.unmodifiableMap(transformFactories));
|
||||
|
||||
// actions
|
||||
final Map<String, ActionFactory> actionFactoryMap = new HashMap<>();
|
||||
|
|
|
@ -73,7 +73,7 @@ public class TransformInputTests extends ESTestCase {
|
|||
public void testParserValid() throws Exception {
|
||||
Map<String, TransformFactory> transformFactories = Collections.singletonMap("script",
|
||||
new ScriptTransformFactory(Settings.EMPTY, scriptService));
|
||||
TransformRegistry registry = new TransformRegistry(Settings.EMPTY, transformFactories);
|
||||
TransformRegistry registry = new TransformRegistry(transformFactories);
|
||||
TransformInputFactory factory = new TransformInputFactory(Settings.EMPTY, registry);
|
||||
|
||||
// { "script" : { "lang" : "mockscript", "source" : "1" } }
|
||||
|
@ -97,7 +97,7 @@ public class TransformInputTests extends ESTestCase {
|
|||
|
||||
Map<String, TransformFactory> transformFactories = Collections.singletonMap("script",
|
||||
new ScriptTransformFactory(Settings.EMPTY, scriptService));
|
||||
TransformRegistry registry = new TransformRegistry(Settings.EMPTY, transformFactories);
|
||||
TransformRegistry registry = new TransformRegistry(transformFactories);
|
||||
TransformInputFactory factory = new TransformInputFactory(Settings.EMPTY, registry);
|
||||
XContentParser parser = createParser(jsonBuilder);
|
||||
|
||||
|
@ -116,7 +116,7 @@ public class TransformInputTests extends ESTestCase {
|
|||
public void testTransformInputToXContentIsSameAsParsing() throws Exception {
|
||||
Map<String, TransformFactory> transformFactories = Collections.singletonMap("script",
|
||||
new ScriptTransformFactory(Settings.EMPTY, scriptService));
|
||||
TransformRegistry registry = new TransformRegistry(Settings.EMPTY, transformFactories);
|
||||
TransformRegistry registry = new TransformRegistry(transformFactories);
|
||||
TransformInputFactory factory = new TransformInputFactory(Settings.EMPTY, registry);
|
||||
|
||||
XContentBuilder jsonBuilder = jsonBuilder().startObject().startObject("script")
|
||||
|
|
|
@ -8,7 +8,6 @@ package org.elasticsearch.xpack.watcher.transform.chain;
|
|||
import org.apache.logging.log4j.Logger;
|
||||
import org.elasticsearch.common.bytes.BytesReference;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.common.xcontent.XContentParser;
|
||||
import org.elasticsearch.common.xcontent.json.JsonXContent;
|
||||
|
@ -113,10 +112,9 @@ public class ChainTransformTests extends ESTestCase {
|
|||
}
|
||||
|
||||
public void testParser() throws Exception {
|
||||
TransformRegistry registry = new TransformRegistry(Settings.EMPTY,
|
||||
singletonMap("named", new NamedExecutableTransform.Factory(logger)));
|
||||
TransformRegistry registry = new TransformRegistry(singletonMap("named", new NamedExecutableTransform.Factory(logger)));
|
||||
|
||||
ChainTransformFactory transformParser = new ChainTransformFactory(Settings.EMPTY, registry);
|
||||
ChainTransformFactory transformParser = new ChainTransformFactory(registry);
|
||||
|
||||
XContentBuilder builder = jsonBuilder().startArray()
|
||||
.startObject().startObject("named").field("name", "name1").endObject().endObject()
|
||||
|
|
|
@ -570,7 +570,7 @@ public class WatchTests extends ESTestCase {
|
|||
Map<String, TransformFactory> factories = new HashMap<>();
|
||||
factories.put(ScriptTransform.TYPE, new ScriptTransformFactory(settings, scriptService));
|
||||
factories.put(SearchTransform.TYPE, new SearchTransformFactory(settings, client, xContentRegistry(), scriptService));
|
||||
return new TransformRegistry(Settings.EMPTY, unmodifiableMap(factories));
|
||||
return new TransformRegistry(unmodifiableMap(factories));
|
||||
}
|
||||
|
||||
private List<ActionWrapper> randomActions() {
|
||||
|
|
Loading…
Reference in New Issue