mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-03-09 14:34:43 +00:00
Merge branch 'master' into feature/shield-ui
Original commit: elastic/x-pack-elasticsearch@2b65f74b82
This commit is contained in:
commit
562b80c47e
@ -15,6 +15,7 @@ integTest {
|
||||
dependsOn copyMonitoringRestTests
|
||||
|
||||
cluster {
|
||||
systemProperty 'es.logger.level', 'TRACE'
|
||||
plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack')
|
||||
setting 'xpack.monitoring.agent.interval', '3s'
|
||||
extraConfigFile 'x-pack/roles.yml', 'roles.yml'
|
||||
|
@ -131,4 +131,20 @@ public class ReservedRealmTests extends ESTestCase {
|
||||
|
||||
assertThat(ReservedRealm.users(), containsInAnyOrder((User) XPackUser.INSTANCE, KibanaUser.INSTANCE));
|
||||
}
|
||||
|
||||
public void testFailedAuthentication() {
|
||||
final ReservedRealm reservedRealm = new ReservedRealm(mock(Environment.class), Settings.EMPTY, usersStore);
|
||||
// maybe cache a successful auth
|
||||
if (randomBoolean()) {
|
||||
User user = reservedRealm.authenticate(new UsernamePasswordToken(XPackUser.NAME, new SecuredString("changeme".toCharArray())));
|
||||
assertThat(user, sameInstance(XPackUser.INSTANCE));
|
||||
}
|
||||
|
||||
try {
|
||||
reservedRealm.authenticate(new UsernamePasswordToken(XPackUser.NAME, new SecuredString("foobar".toCharArray())));
|
||||
fail("authentication should throw an exception otherwise we may allow others to impersonate reserved users...");
|
||||
} catch (ElasticsearchSecurityException e) {
|
||||
assertThat(e.getMessage(), containsString("failed to authenticate"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user