diff --git a/plugin/src/main/java/org/elasticsearch/xpack/XPackPlugin.java b/plugin/src/main/java/org/elasticsearch/xpack/XPackPlugin.java index bcf338698ac..f231fbe046c 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/XPackPlugin.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/XPackPlugin.java @@ -598,7 +598,7 @@ public class XPackPlugin extends Plugin implements ScriptPlugin, ActionPlugin, I @Override public List getBootstrapChecks() { return Collections.unmodifiableList( - Stream.of(security.getBootstrapChecks(), watcher.getBootstrapChecks()) + Stream.of(security.getBootstrapChecks(), watcher.getBootstrapChecks(env)) .flatMap(Collection::stream) .collect(Collectors.toList())); } diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/Security.java b/plugin/src/main/java/org/elasticsearch/xpack/security/Security.java index abef77cb096..54c60c437d1 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/Security.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/Security.java @@ -254,7 +254,7 @@ public class Security implements ActionPlugin, IngestPlugin, NetworkPlugin, Clus new TokenSSLBootstrapCheck(), new PkiRealmBootstrapCheck(sslService), new TLSLicenseBootstrapCheck())); - checks.addAll(InternalRealms.getBootstrapChecks(settings)); + checks.addAll(InternalRealms.getBootstrapChecks(settings, env)); this.bootstrapChecks = Collections.unmodifiableList(checks); } else { this.bootstrapChecks = Collections.emptyList(); diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/InternalRealms.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/InternalRealms.java index 27e237c94a0..6aaff01561a 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/InternalRealms.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/InternalRealms.java @@ -17,6 +17,7 @@ import java.util.Set; import org.elasticsearch.bootstrap.BootstrapCheck; import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.env.Environment; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.watcher.ResourceWatcherService; import org.elasticsearch.xpack.security.SecurityLifecycleService; @@ -101,11 +102,11 @@ public class InternalRealms { private InternalRealms() { } - public static List getBootstrapChecks(final Settings globalSettings) { + public static List getBootstrapChecks(final Settings globalSettings, final Environment env) { final List checks = new ArrayList<>(); final Map settingsByRealm = RealmSettings.getRealmSettings(globalSettings); settingsByRealm.forEach((name, settings) -> { - final RealmConfig realmConfig = new RealmConfig(name, settings, globalSettings, null); + final RealmConfig realmConfig = new RealmConfig(name, settings, globalSettings, env, null); switch (realmConfig.type()) { case LdapRealm.AD_TYPE: case LdapRealm.LDAP_TYPE: diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/RealmConfig.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/RealmConfig.java index 2c4db222295..f79909893d0 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/RealmConfig.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/RealmConfig.java @@ -23,11 +23,6 @@ public class RealmConfig { private final Settings globalSettings; private final ThreadContext threadContext; - public RealmConfig(String name, Settings settings, Settings globalSettings, - ThreadContext threadContext) { - this(name, settings, globalSettings, new Environment(globalSettings), threadContext); - } - public RealmConfig(String name, Settings settings, Settings globalSettings, Environment env, ThreadContext threadContext) { this.name = name; diff --git a/plugin/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java b/plugin/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java index 8d3f901ad85..ba19df1bf64 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java @@ -517,7 +517,7 @@ public class Watcher implements ActionPlugin { }; } - public List getBootstrapChecks() { - return Collections.singletonList(new EncryptSensitiveDataBootstrapCheck(new Environment(settings))); + public List getBootstrapChecks(Environment env) { + return Collections.singletonList(new EncryptSensitiveDataBootstrapCheck(env)); } } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/InternalRealmsTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/InternalRealmsTests.java index e68b709a280..4bf197bb346 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/InternalRealmsTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/InternalRealmsTests.java @@ -7,6 +7,7 @@ package org.elasticsearch.xpack.security.authc; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; +import org.elasticsearch.env.Environment; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.watcher.ResourceWatcherService; @@ -38,10 +39,12 @@ public class InternalRealmsTests extends ESTestCase { verifyZeroInteractions(lifecycleService); Settings settings = Settings.builder().put("path.home", createTempDir()).build(); - factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new ThreadContext(settings))); + factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new Environment(settings), + new ThreadContext(settings))); verify(lifecycleService).addSecurityIndexHealthChangeListener(isA(BiConsumer.class)); - factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new ThreadContext(settings))); + factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new Environment(settings), + new ThreadContext(settings))); verify(lifecycleService, times(2)).addSecurityIndexHealthChangeListener(isA(BiConsumer.class)); } } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/NativeRealmTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/NativeRealmTests.java index eb6b3de2f51..0e17c814a62 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/NativeRealmTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/NativeRealmTests.java @@ -9,6 +9,7 @@ import org.elasticsearch.cluster.health.ClusterHealthStatus; import org.elasticsearch.cluster.health.ClusterIndexHealth; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; +import org.elasticsearch.env.Environment; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.xpack.security.authc.RealmConfig; @@ -23,7 +24,7 @@ public class NativeRealmTests extends ESTestCase { final AtomicInteger numInvalidation = new AtomicInteger(0); int expectedInvalidation = 0; Settings settings = Settings.builder().put("path.home", createTempDir()).build(); - RealmConfig config = new RealmConfig("native", Settings.EMPTY, settings, new ThreadContext(settings)); + RealmConfig config = new RealmConfig("native", Settings.EMPTY, settings, new Environment(settings), new ThreadContext(settings)); final NativeRealm nativeRealm = new NativeRealm(config, mock(NativeUsersStore.class)) { @Override void clearCache() { diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/ActiveDirectorySessionFactoryTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/ActiveDirectorySessionFactoryTests.java index c06fa0fec52..9429be45ba3 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/ActiveDirectorySessionFactoryTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/ActiveDirectorySessionFactoryTests.java @@ -62,7 +62,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryI public void testAdAuth() throws Exception { RealmConfig config = new RealmConfig("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false), - globalSettings, new ThreadContext(Settings.EMPTY)); + globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY)); try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) { String userName = "ironman"; @@ -410,7 +410,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryI public void testADLookup() throws Exception { RealmConfig config = new RealmConfig("ad-test", buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false, true), - globalSettings, new ThreadContext(Settings.EMPTY)); + globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY)); try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) { List users = randomSubsetOf(Arrays.asList("cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow", diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java index 57f745fbfb8..739eb77f870 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/LdapTestCase.java @@ -15,6 +15,7 @@ import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.util.concurrent.ThreadContext; +import org.elasticsearch.env.Environment; import org.elasticsearch.xpack.security.authc.RealmConfig; import org.elasticsearch.xpack.security.authc.ldap.LdapSessionFactory; import org.elasticsearch.xpack.security.authc.support.DnRoleMapper; @@ -135,7 +136,7 @@ public abstract class LdapTestCase extends ESTestCase { .put(DnRoleMapper.USE_UNMAPPED_GROUPS_AS_ROLES_SETTING.getKey(), true) .build(); Settings global = Settings.builder().put("path.home", createTempDir()).build(); - RealmConfig config = new RealmConfig("ldap1", settings, global, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("ldap1", settings, global, new Environment(global), new ThreadContext(Settings.EMPTY)); return new DnRoleMapper(config, resourceWatcherService); } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryLoadBalancingTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryLoadBalancingTests.java index 7640ce1be8d..99eee09ebad 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryLoadBalancingTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryLoadBalancingTests.java @@ -222,8 +222,9 @@ public class SessionFactoryLoadBalancingTests extends LdapTestCase { String userTemplate = "cn={0},ou=people,o=sevenSeas"; Settings settings = buildLdapSettings(ldapUrls(), new String[] { userTemplate }, groupSearchBase, LdapSearchScope.SUB_TREE, loadBalancing); - RealmConfig config = new RealmConfig("test-session-factory", settings, Settings.builder().put("path.home", - createTempDir()).build(), new ThreadContext(Settings.EMPTY)); + Settings globalSettings = Settings.builder().put("path.home", createTempDir()).build(); + RealmConfig config = new RealmConfig("test-session-factory", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); return new TestSessionFactory(config, new SSLService(Settings.EMPTY, new Environment(config.globalSettings())), threadPool); } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryTests.java index 6fdff63daf3..bd233383b8c 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/ldap/support/SessionFactoryTests.java @@ -107,7 +107,7 @@ public class SessionFactoryTests extends ESTestCase { private SessionFactory createSessionFactory() { Settings global = Settings.builder().put("path.home", createTempDir()).build(); final RealmConfig realmConfig = new RealmConfig("_name", Settings.builder().put("url", "ldap://localhost:389").build(), - global, new ThreadContext(Settings.EMPTY)); + global, new Environment(global), new ThreadContext(Settings.EMPTY)); return new SessionFactory(realmConfig, null, threadPool) { @Override diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/CachingUsernamePasswordRealmTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/CachingUsernamePasswordRealmTests.java index 27b57acd3a5..fe21280896a 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/CachingUsernamePasswordRealmTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/CachingUsernamePasswordRealmTests.java @@ -11,6 +11,7 @@ import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.util.concurrent.ThreadContext; +import org.elasticsearch.env.Environment; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.SecuritySettingsSource; import org.elasticsearch.xpack.security.authc.AuthenticationResult; @@ -55,7 +56,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .build(); - RealmConfig config = new RealmConfig("test_realm", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("test_realm", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { @Override protected void doAuthenticate(UsernamePasswordToken token, ActionListener listener) { @@ -226,7 +228,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { Settings settings = Settings.builder() .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .build(); - RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config); final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password")); @@ -254,7 +257,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { Settings settings = Settings.builder() .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .build(); - RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config); final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password")); @@ -330,7 +334,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { final SecureString randomPassword = new SecureString(randomAlphaOfLength(password.length()).toCharArray()); final String passwordHash = new String(Hasher.BCRYPT.hash(password)); - RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { @Override protected void doAuthenticate(UsernamePasswordToken token, ActionListener listener) { @@ -393,7 +398,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { public void testUserLookupConcurrency() throws Exception { final String username = "username"; - RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { @Override protected void doAuthenticate(UsernamePasswordToken token, ActionListener listener) { @@ -446,7 +452,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { static class FailingAuthenticationRealm extends CachingUsernamePasswordRealm { FailingAuthenticationRealm(Settings settings, Settings global) { - super("failing", new RealmConfig("failing-test", settings, global, new ThreadContext(Settings.EMPTY))); + super("failing", new RealmConfig("failing-test", settings, global, new Environment(global), + new ThreadContext(Settings.EMPTY))); } @Override @@ -463,7 +470,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { static class ThrowingAuthenticationRealm extends CachingUsernamePasswordRealm { ThrowingAuthenticationRealm(Settings settings, Settings globalSettings) { - super("throwing", new RealmConfig("throwing-test", settings, globalSettings, new ThreadContext(Settings.EMPTY))); + super("throwing", new RealmConfig("throwing-test", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY))); } @Override @@ -485,7 +493,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { private boolean usersEnabled = true; AlwaysAuthenticateCachingRealm(Settings globalSettings) { - this(new RealmConfig("always-test", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY))); + this(new RealmConfig("always-test", Settings.EMPTY, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY))); } AlwaysAuthenticateCachingRealm(RealmConfig config) { @@ -516,7 +525,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase { public final AtomicInteger lookupInvocationCounter = new AtomicInteger(0); LookupNotSupportedRealm(Settings globalSettings) { - super("lookup", new RealmConfig("lookup-notsupported-test", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY))); + super("lookup", new RealmConfig("lookup-notsupported-test", Settings.EMPTY, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY))); } @Override diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapperTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapperTests.java index 7e385fffbc3..eb3e1f18451 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapperTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapperTests.java @@ -283,7 +283,7 @@ public class DnRoleMapperTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings), new ThreadContext(Settings.EMPTY)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); @@ -297,7 +297,7 @@ public class DnRoleMapperTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, true) .build(); - RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings), new ThreadContext(Settings.EMPTY)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); @@ -311,7 +311,8 @@ public class DnRoleMapperTests extends ESTestCase { .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, false) .build(); - RealmConfig config = new RealmConfig("ldap-userdn-role", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("ldap-userdn-role", ldapSettings, settings, new Environment(settings), + new ThreadContext(Settings.EMPTY)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/RoleMappingFileBootstrapCheckTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/RoleMappingFileBootstrapCheckTests.java index cbbc0366fb3..93f633e60ff 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/RoleMappingFileBootstrapCheckTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/support/RoleMappingFileBootstrapCheckTests.java @@ -15,6 +15,7 @@ import org.elasticsearch.bootstrap.BootstrapCheck; import org.elasticsearch.bootstrap.BootstrapContext; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; +import org.elasticsearch.env.Environment; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.xpack.security.authc.RealmConfig; import org.junit.Before; @@ -42,7 +43,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings), + new ThreadContext(Settings.EMPTY)); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); assertThat(check, notNullValue()); assertThat(check.alwaysEnforce(), equalTo(true)); @@ -55,7 +57,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings), + new ThreadContext(Settings.EMPTY)); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); assertThat(check, notNullValue()); assertThat(check.alwaysEnforce(), equalTo(true)); @@ -74,7 +77,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings), + new ThreadContext(Settings.EMPTY)); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); assertThat(check, notNullValue()); assertThat(check.alwaysEnforce(), equalTo(true)); @@ -93,7 +97,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase { Settings ldapSettings = Settings.builder() .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .build(); - RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings), + new ThreadContext(Settings.EMPTY)); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); assertThat(check, notNullValue()); assertThat(check.alwaysEnforce(), equalTo(true)); diff --git a/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java b/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java index 6cfee684b91..0f1e3b11e2e 100644 --- a/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java +++ b/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java @@ -108,7 +108,7 @@ public class OpenLdapTests extends ESTestCase { String groupSearchBase = "ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase, - LdapSearchScope.ONE_LEVEL), globalSettings, new ThreadContext(Settings.EMPTY)); + LdapSearchScope.ONE_LEVEL), globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY)); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" }; @@ -126,7 +126,7 @@ public class OpenLdapTests extends ESTestCase { String groupSearchBase = "cn=Avengers,ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase, - LdapSearchScope.BASE), globalSettings, new ThreadContext(Settings.EMPTY)); + LdapSearchScope.BASE), globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY)); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" }; @@ -145,7 +145,8 @@ public class OpenLdapTests extends ESTestCase { .put("group_search.filter", "(&(objectclass=posixGroup)(memberUid={0}))") .put("group_search.user_attribute", "uid") .build(); - RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); try (LdapSession ldap = session(sessionFactory, "selvig", PASSWORD_SECURE_STRING)){ @@ -163,7 +164,8 @@ public class OpenLdapTests extends ESTestCase { .put("ssl.verification_mode", VerificationMode.CERTIFICATE) .put(SessionFactory.TIMEOUT_TCP_READ_SETTING, "1ms") //1 millisecond .build(); - RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LDAPException expected = expectThrows(LDAPException.class, @@ -180,7 +182,8 @@ public class OpenLdapTests extends ESTestCase { .put("ssl.verification_mode", VerificationMode.FULL) .build(); - RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); + RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings), + new ThreadContext(Settings.EMPTY)); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); String user = "blackwidow";