Remove uses of single argument Environment constructor from production code (elastic/x-pack-elasticsearch#2852)

Following elastic/elasticsearch#27235 the single argument Environment constructor
is forbidden in production code.  This change removes the last such uses from
X-Pack.

Original commit: elastic/x-pack-elasticsearch@87e72d0d07
This commit is contained in:
David Roberts 2017-11-03 09:12:35 +00:00 committed by GitHub
parent 1a28f57e0d
commit ba5dbc4daf
15 changed files with 62 additions and 41 deletions

View File

@ -598,7 +598,7 @@ public class XPackPlugin extends Plugin implements ScriptPlugin, ActionPlugin, I
@Override @Override
public List<BootstrapCheck> getBootstrapChecks() { public List<BootstrapCheck> getBootstrapChecks() {
return Collections.unmodifiableList( return Collections.unmodifiableList(
Stream.of(security.getBootstrapChecks(), watcher.getBootstrapChecks()) Stream.of(security.getBootstrapChecks(), watcher.getBootstrapChecks(env))
.flatMap(Collection::stream) .flatMap(Collection::stream)
.collect(Collectors.toList())); .collect(Collectors.toList()));
} }

View File

@ -254,7 +254,7 @@ public class Security implements ActionPlugin, IngestPlugin, NetworkPlugin, Clus
new TokenSSLBootstrapCheck(), new TokenSSLBootstrapCheck(),
new PkiRealmBootstrapCheck(sslService), new PkiRealmBootstrapCheck(sslService),
new TLSLicenseBootstrapCheck())); new TLSLicenseBootstrapCheck()));
checks.addAll(InternalRealms.getBootstrapChecks(settings)); checks.addAll(InternalRealms.getBootstrapChecks(settings, env));
this.bootstrapChecks = Collections.unmodifiableList(checks); this.bootstrapChecks = Collections.unmodifiableList(checks);
} else { } else {
this.bootstrapChecks = Collections.emptyList(); this.bootstrapChecks = Collections.emptyList();

View File

@ -17,6 +17,7 @@ import java.util.Set;
import org.elasticsearch.bootstrap.BootstrapCheck; import org.elasticsearch.bootstrap.BootstrapCheck;
import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.env.Environment;
import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.watcher.ResourceWatcherService; import org.elasticsearch.watcher.ResourceWatcherService;
import org.elasticsearch.xpack.security.SecurityLifecycleService; import org.elasticsearch.xpack.security.SecurityLifecycleService;
@ -101,11 +102,11 @@ public class InternalRealms {
private InternalRealms() { private InternalRealms() {
} }
public static List<BootstrapCheck> getBootstrapChecks(final Settings globalSettings) { public static List<BootstrapCheck> getBootstrapChecks(final Settings globalSettings, final Environment env) {
final List<BootstrapCheck> checks = new ArrayList<>(); final List<BootstrapCheck> checks = new ArrayList<>();
final Map<String, Settings> settingsByRealm = RealmSettings.getRealmSettings(globalSettings); final Map<String, Settings> settingsByRealm = RealmSettings.getRealmSettings(globalSettings);
settingsByRealm.forEach((name, settings) -> { settingsByRealm.forEach((name, settings) -> {
final RealmConfig realmConfig = new RealmConfig(name, settings, globalSettings, null); final RealmConfig realmConfig = new RealmConfig(name, settings, globalSettings, env, null);
switch (realmConfig.type()) { switch (realmConfig.type()) {
case LdapRealm.AD_TYPE: case LdapRealm.AD_TYPE:
case LdapRealm.LDAP_TYPE: case LdapRealm.LDAP_TYPE:

View File

@ -23,11 +23,6 @@ public class RealmConfig {
private final Settings globalSettings; private final Settings globalSettings;
private final ThreadContext threadContext; private final ThreadContext threadContext;
public RealmConfig(String name, Settings settings, Settings globalSettings,
ThreadContext threadContext) {
this(name, settings, globalSettings, new Environment(globalSettings), threadContext);
}
public RealmConfig(String name, Settings settings, Settings globalSettings, Environment env, public RealmConfig(String name, Settings settings, Settings globalSettings, Environment env,
ThreadContext threadContext) { ThreadContext threadContext) {
this.name = name; this.name = name;

View File

@ -517,7 +517,7 @@ public class Watcher implements ActionPlugin {
}; };
} }
public List<BootstrapCheck> getBootstrapChecks() { public List<BootstrapCheck> getBootstrapChecks(Environment env) {
return Collections.singletonList(new EncryptSensitiveDataBootstrapCheck(new Environment(settings))); return Collections.singletonList(new EncryptSensitiveDataBootstrapCheck(env));
} }
} }

View File

@ -7,6 +7,7 @@ package org.elasticsearch.xpack.security.authc;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.env.Environment;
import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.watcher.ResourceWatcherService; import org.elasticsearch.watcher.ResourceWatcherService;
@ -38,10 +39,12 @@ public class InternalRealmsTests extends ESTestCase {
verifyZeroInteractions(lifecycleService); verifyZeroInteractions(lifecycleService);
Settings settings = Settings.builder().put("path.home", createTempDir()).build(); Settings settings = Settings.builder().put("path.home", createTempDir()).build();
factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new ThreadContext(settings))); factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new Environment(settings),
new ThreadContext(settings)));
verify(lifecycleService).addSecurityIndexHealthChangeListener(isA(BiConsumer.class)); verify(lifecycleService).addSecurityIndexHealthChangeListener(isA(BiConsumer.class));
factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new ThreadContext(settings))); factories.get(NativeRealm.TYPE).create(new RealmConfig("test", Settings.EMPTY, settings, new Environment(settings),
new ThreadContext(settings)));
verify(lifecycleService, times(2)).addSecurityIndexHealthChangeListener(isA(BiConsumer.class)); verify(lifecycleService, times(2)).addSecurityIndexHealthChangeListener(isA(BiConsumer.class));
} }
} }

View File

@ -9,6 +9,7 @@ import org.elasticsearch.cluster.health.ClusterHealthStatus;
import org.elasticsearch.cluster.health.ClusterIndexHealth; import org.elasticsearch.cluster.health.ClusterIndexHealth;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.env.Environment;
import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.xpack.security.authc.RealmConfig; import org.elasticsearch.xpack.security.authc.RealmConfig;
@ -23,7 +24,7 @@ public class NativeRealmTests extends ESTestCase {
final AtomicInteger numInvalidation = new AtomicInteger(0); final AtomicInteger numInvalidation = new AtomicInteger(0);
int expectedInvalidation = 0; int expectedInvalidation = 0;
Settings settings = Settings.builder().put("path.home", createTempDir()).build(); Settings settings = Settings.builder().put("path.home", createTempDir()).build();
RealmConfig config = new RealmConfig("native", Settings.EMPTY, settings, new ThreadContext(settings)); RealmConfig config = new RealmConfig("native", Settings.EMPTY, settings, new Environment(settings), new ThreadContext(settings));
final NativeRealm nativeRealm = new NativeRealm(config, mock(NativeUsersStore.class)) { final NativeRealm nativeRealm = new NativeRealm(config, mock(NativeUsersStore.class)) {
@Override @Override
void clearCache() { void clearCache() {

View File

@ -62,7 +62,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryI
public void testAdAuth() throws Exception { public void testAdAuth() throws Exception {
RealmConfig config = new RealmConfig("ad-test", RealmConfig config = new RealmConfig("ad-test",
buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false), buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false),
globalSettings, new ThreadContext(Settings.EMPTY)); globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY));
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) { try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
String userName = "ironman"; String userName = "ironman";
@ -410,7 +410,7 @@ public class ActiveDirectorySessionFactoryTests extends AbstractActiveDirectoryI
public void testADLookup() throws Exception { public void testADLookup() throws Exception {
RealmConfig config = new RealmConfig("ad-test", RealmConfig config = new RealmConfig("ad-test",
buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false, true), buildAdSettings(AD_LDAP_URL, AD_DOMAIN, false, true),
globalSettings, new ThreadContext(Settings.EMPTY)); globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY));
try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) { try (ActiveDirectorySessionFactory sessionFactory = getActiveDirectorySessionFactory(config, sslService, threadPool)) {
List<String> users = randomSubsetOf(Arrays.asList("cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow", List<String> users = randomSubsetOf(Arrays.asList("cap", "hawkeye", "hulk", "ironman", "thor", "blackwidow",

View File

@ -15,6 +15,7 @@ import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.env.Environment;
import org.elasticsearch.xpack.security.authc.RealmConfig; import org.elasticsearch.xpack.security.authc.RealmConfig;
import org.elasticsearch.xpack.security.authc.ldap.LdapSessionFactory; import org.elasticsearch.xpack.security.authc.ldap.LdapSessionFactory;
import org.elasticsearch.xpack.security.authc.support.DnRoleMapper; import org.elasticsearch.xpack.security.authc.support.DnRoleMapper;
@ -135,7 +136,7 @@ public abstract class LdapTestCase extends ESTestCase {
.put(DnRoleMapper.USE_UNMAPPED_GROUPS_AS_ROLES_SETTING.getKey(), true) .put(DnRoleMapper.USE_UNMAPPED_GROUPS_AS_ROLES_SETTING.getKey(), true)
.build(); .build();
Settings global = Settings.builder().put("path.home", createTempDir()).build(); Settings global = Settings.builder().put("path.home", createTempDir()).build();
RealmConfig config = new RealmConfig("ldap1", settings, global, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("ldap1", settings, global, new Environment(global), new ThreadContext(Settings.EMPTY));
return new DnRoleMapper(config, resourceWatcherService); return new DnRoleMapper(config, resourceWatcherService);
} }

View File

@ -222,8 +222,9 @@ public class SessionFactoryLoadBalancingTests extends LdapTestCase {
String userTemplate = "cn={0},ou=people,o=sevenSeas"; String userTemplate = "cn={0},ou=people,o=sevenSeas";
Settings settings = buildLdapSettings(ldapUrls(), new String[] { userTemplate }, groupSearchBase, Settings settings = buildLdapSettings(ldapUrls(), new String[] { userTemplate }, groupSearchBase,
LdapSearchScope.SUB_TREE, loadBalancing); LdapSearchScope.SUB_TREE, loadBalancing);
RealmConfig config = new RealmConfig("test-session-factory", settings, Settings.builder().put("path.home", Settings globalSettings = Settings.builder().put("path.home", createTempDir()).build();
createTempDir()).build(), new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test-session-factory", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
return new TestSessionFactory(config, new SSLService(Settings.EMPTY, new Environment(config.globalSettings())), threadPool); return new TestSessionFactory(config, new SSLService(Settings.EMPTY, new Environment(config.globalSettings())), threadPool);
} }

View File

@ -107,7 +107,7 @@ public class SessionFactoryTests extends ESTestCase {
private SessionFactory createSessionFactory() { private SessionFactory createSessionFactory() {
Settings global = Settings.builder().put("path.home", createTempDir()).build(); Settings global = Settings.builder().put("path.home", createTempDir()).build();
final RealmConfig realmConfig = new RealmConfig("_name", Settings.builder().put("url", "ldap://localhost:389").build(), final RealmConfig realmConfig = new RealmConfig("_name", Settings.builder().put("url", "ldap://localhost:389").build(),
global, new ThreadContext(Settings.EMPTY)); global, new Environment(global), new ThreadContext(Settings.EMPTY));
return new SessionFactory(realmConfig, null, threadPool) { return new SessionFactory(realmConfig, null, threadPool) {
@Override @Override

View File

@ -11,6 +11,7 @@ import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.env.Environment;
import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.SecuritySettingsSource; import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.xpack.security.authc.AuthenticationResult; import org.elasticsearch.xpack.security.authc.AuthenticationResult;
@ -55,7 +56,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
.put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl)
.build(); .build();
RealmConfig config = new RealmConfig("test_realm", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test_realm", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) {
@Override @Override
protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) { protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) {
@ -226,7 +228,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
Settings settings = Settings.builder() Settings settings = Settings.builder()
.put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl)
.build(); .build();
RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config); AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config);
final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password")); final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password"));
@ -254,7 +257,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
Settings settings = Settings.builder() Settings settings = Settings.builder()
.put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl) .put(CachingUsernamePasswordRealm.CACHE_TTL_SETTING.getKey(), ttl)
.build(); .build();
RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test_cache_ttl", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config); AlwaysAuthenticateCachingRealm realm = new AlwaysAuthenticateCachingRealm(config);
final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password")); final UsernamePasswordToken authToken = new UsernamePasswordToken("the-user", new SecureString("the-password"));
@ -330,7 +334,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
final SecureString randomPassword = new SecureString(randomAlphaOfLength(password.length()).toCharArray()); final SecureString randomPassword = new SecureString(randomAlphaOfLength(password.length()).toCharArray());
final String passwordHash = new String(Hasher.BCRYPT.hash(password)); final String passwordHash = new String(Hasher.BCRYPT.hash(password));
RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) {
@Override @Override
protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) { protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) {
@ -393,7 +398,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
public void testUserLookupConcurrency() throws Exception { public void testUserLookupConcurrency() throws Exception {
final String username = "username"; final String username = "username";
RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("test_realm", Settings.EMPTY, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) { final CachingUsernamePasswordRealm realm = new CachingUsernamePasswordRealm("test", config) {
@Override @Override
protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) { protected void doAuthenticate(UsernamePasswordToken token, ActionListener<AuthenticationResult> listener) {
@ -446,7 +452,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
static class FailingAuthenticationRealm extends CachingUsernamePasswordRealm { static class FailingAuthenticationRealm extends CachingUsernamePasswordRealm {
FailingAuthenticationRealm(Settings settings, Settings global) { FailingAuthenticationRealm(Settings settings, Settings global) {
super("failing", new RealmConfig("failing-test", settings, global, new ThreadContext(Settings.EMPTY))); super("failing", new RealmConfig("failing-test", settings, global, new Environment(global),
new ThreadContext(Settings.EMPTY)));
} }
@Override @Override
@ -463,7 +470,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
static class ThrowingAuthenticationRealm extends CachingUsernamePasswordRealm { static class ThrowingAuthenticationRealm extends CachingUsernamePasswordRealm {
ThrowingAuthenticationRealm(Settings settings, Settings globalSettings) { ThrowingAuthenticationRealm(Settings settings, Settings globalSettings) {
super("throwing", new RealmConfig("throwing-test", settings, globalSettings, new ThreadContext(Settings.EMPTY))); super("throwing", new RealmConfig("throwing-test", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY)));
} }
@Override @Override
@ -485,7 +493,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
private boolean usersEnabled = true; private boolean usersEnabled = true;
AlwaysAuthenticateCachingRealm(Settings globalSettings) { AlwaysAuthenticateCachingRealm(Settings globalSettings) {
this(new RealmConfig("always-test", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY))); this(new RealmConfig("always-test", Settings.EMPTY, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY)));
} }
AlwaysAuthenticateCachingRealm(RealmConfig config) { AlwaysAuthenticateCachingRealm(RealmConfig config) {
@ -516,7 +525,8 @@ public class CachingUsernamePasswordRealmTests extends ESTestCase {
public final AtomicInteger lookupInvocationCounter = new AtomicInteger(0); public final AtomicInteger lookupInvocationCounter = new AtomicInteger(0);
LookupNotSupportedRealm(Settings globalSettings) { LookupNotSupportedRealm(Settings globalSettings) {
super("lookup", new RealmConfig("lookup-notsupported-test", Settings.EMPTY, globalSettings, new ThreadContext(Settings.EMPTY))); super("lookup", new RealmConfig("lookup-notsupported-test", Settings.EMPTY, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY)));
} }
@Override @Override

View File

@ -283,7 +283,7 @@ public class DnRoleMapperTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.build(); .build();
RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings), new ThreadContext(Settings.EMPTY));
DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool));
@ -297,7 +297,7 @@ public class DnRoleMapperTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, true) .put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, true)
.build(); .build();
RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings), new ThreadContext(Settings.EMPTY));
DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool));
@ -311,7 +311,8 @@ public class DnRoleMapperTests extends ESTestCase {
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, false) .put(USE_UNMAPPED_GROUPS_AS_ROLES_SETTING_KEY, false)
.build(); .build();
RealmConfig config = new RealmConfig("ldap-userdn-role", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("ldap-userdn-role", ldapSettings, settings, new Environment(settings),
new ThreadContext(Settings.EMPTY));
DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool)); DnRoleMapper mapper = new DnRoleMapper(config, new ResourceWatcherService(settings, threadPool));

View File

@ -15,6 +15,7 @@ import org.elasticsearch.bootstrap.BootstrapCheck;
import org.elasticsearch.bootstrap.BootstrapContext; import org.elasticsearch.bootstrap.BootstrapContext;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.env.Environment;
import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.xpack.security.authc.RealmConfig; import org.elasticsearch.xpack.security.authc.RealmConfig;
import org.junit.Before; import org.junit.Before;
@ -42,7 +43,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.build(); .build();
RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("ldap1", ldapSettings, settings, new Environment(settings),
new ThreadContext(Settings.EMPTY));
final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config);
assertThat(check, notNullValue()); assertThat(check, notNullValue());
assertThat(check.alwaysEnforce(), equalTo(true)); assertThat(check.alwaysEnforce(), equalTo(true));
@ -55,7 +57,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.build(); .build();
RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings),
new ThreadContext(Settings.EMPTY));
final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config);
assertThat(check, notNullValue()); assertThat(check, notNullValue());
assertThat(check.alwaysEnforce(), equalTo(true)); assertThat(check.alwaysEnforce(), equalTo(true));
@ -74,7 +77,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.build(); .build();
RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings),
new ThreadContext(Settings.EMPTY));
final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config);
assertThat(check, notNullValue()); assertThat(check, notNullValue());
assertThat(check.alwaysEnforce(), equalTo(true)); assertThat(check.alwaysEnforce(), equalTo(true));
@ -93,7 +97,8 @@ public class RoleMappingFileBootstrapCheckTests extends ESTestCase {
Settings ldapSettings = Settings.builder() Settings ldapSettings = Settings.builder()
.put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath()) .put(ROLE_MAPPING_FILE_SETTING, file.toAbsolutePath())
.build(); .build();
RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("the-realm-name", ldapSettings, settings, new Environment(settings),
new ThreadContext(Settings.EMPTY));
final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config); final BootstrapCheck check = RoleMappingFileBootstrapCheck.create(config);
assertThat(check, notNullValue()); assertThat(check, notNullValue());
assertThat(check.alwaysEnforce(), equalTo(true)); assertThat(check.alwaysEnforce(), equalTo(true));

View File

@ -108,7 +108,7 @@ public class OpenLdapTests extends ESTestCase {
String groupSearchBase = "ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String groupSearchBase = "ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com";
String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com";
RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase, RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase,
LdapSearchScope.ONE_LEVEL), globalSettings, new ThreadContext(Settings.EMPTY)); LdapSearchScope.ONE_LEVEL), globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" }; String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" };
@ -126,7 +126,7 @@ public class OpenLdapTests extends ESTestCase {
String groupSearchBase = "cn=Avengers,ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String groupSearchBase = "cn=Avengers,ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com";
String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; String userTemplate = "uid={0},ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com";
RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase, RealmConfig config = new RealmConfig("oldap-test", buildLdapSettings(OPEN_LDAP_URL, userTemplate, groupSearchBase,
LdapSearchScope.BASE), globalSettings, new ThreadContext(Settings.EMPTY)); LdapSearchScope.BASE), globalSettings, new Environment(globalSettings), new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" }; String[] users = new String[] { "blackwidow", "cap", "hawkeye", "hulk", "ironman", "thor" };
@ -145,7 +145,8 @@ public class OpenLdapTests extends ESTestCase {
.put("group_search.filter", "(&(objectclass=posixGroup)(memberUid={0}))") .put("group_search.filter", "(&(objectclass=posixGroup)(memberUid={0}))")
.put("group_search.user_attribute", "uid") .put("group_search.user_attribute", "uid")
.build(); .build();
RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
try (LdapSession ldap = session(sessionFactory, "selvig", PASSWORD_SECURE_STRING)){ try (LdapSession ldap = session(sessionFactory, "selvig", PASSWORD_SECURE_STRING)){
@ -163,7 +164,8 @@ public class OpenLdapTests extends ESTestCase {
.put("ssl.verification_mode", VerificationMode.CERTIFICATE) .put("ssl.verification_mode", VerificationMode.CERTIFICATE)
.put(SessionFactory.TIMEOUT_TCP_READ_SETTING, "1ms") //1 millisecond .put(SessionFactory.TIMEOUT_TCP_READ_SETTING, "1ms") //1 millisecond
.build(); .build();
RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
LDAPException expected = expectThrows(LDAPException.class, LDAPException expected = expectThrows(LDAPException.class,
@ -180,7 +182,8 @@ public class OpenLdapTests extends ESTestCase {
.put("ssl.verification_mode", VerificationMode.FULL) .put("ssl.verification_mode", VerificationMode.FULL)
.build(); .build();
RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new ThreadContext(Settings.EMPTY)); RealmConfig config = new RealmConfig("oldap-test", settings, globalSettings, new Environment(globalSettings),
new ThreadContext(Settings.EMPTY));
LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool); LdapSessionFactory sessionFactory = new LdapSessionFactory(config, sslService, threadPool);
String user = "blackwidow"; String user = "blackwidow";