Deprecate /_xpack/security/* in favor of /_security/* (#36293)
* This commit is part of our plan to deprecate and ultimately remove the use of _xpack in the REST APIs. - REST API docs - HLRC docs and doc tests - Handle REST actions with deprecation warnings - Changed endpoints in rest-api-spec and relevant file names
This commit is contained in:
parent
bf42cedc13
commit
d7c5d8049a
|
@ -56,7 +56,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request changePassword(ChangePasswordRequest changePasswordRequest) throws IOException {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/user")
|
||||
.addPathPartAsIs("_security/user")
|
||||
.addPathPart(changePasswordRequest.getUsername())
|
||||
.addPathPartAsIs("_password")
|
||||
.build();
|
||||
|
@ -69,7 +69,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request putUser(PutUserRequest putUserRequest) throws IOException {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/user")
|
||||
.addPathPartAsIs("_security/user")
|
||||
.addPathPart(putUserRequest.getUser().getUsername())
|
||||
.build();
|
||||
Request request = new Request(HttpPut.METHOD_NAME, endpoint);
|
||||
|
@ -81,7 +81,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request deleteUser(DeleteUserRequest deleteUserRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack","security", "user")
|
||||
.addPathPartAsIs("_security", "user")
|
||||
.addPathPart(deleteUserRequest.getName())
|
||||
.build();
|
||||
Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
|
||||
|
@ -92,7 +92,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request putRoleMapping(final PutRoleMappingRequest putRoleMappingRequest) throws IOException {
|
||||
final String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/role_mapping")
|
||||
.addPathPartAsIs("_security/role_mapping")
|
||||
.addPathPart(putRoleMappingRequest.getName())
|
||||
.build();
|
||||
final Request request = new Request(HttpPut.METHOD_NAME, endpoint);
|
||||
|
@ -104,7 +104,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request getRoleMappings(final GetRoleMappingsRequest getRoleMappingRequest) throws IOException {
|
||||
RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder();
|
||||
builder.addPathPartAsIs("_xpack/security/role_mapping");
|
||||
builder.addPathPartAsIs("_security/role_mapping");
|
||||
if (getRoleMappingRequest.getRoleMappingNames().size() > 0) {
|
||||
builder.addPathPart(Strings.collectionToCommaDelimitedString(getRoleMappingRequest.getRoleMappingNames()));
|
||||
}
|
||||
|
@ -121,7 +121,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
private static Request setUserEnabled(SetUserEnabledRequest setUserEnabledRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/user")
|
||||
.addPathPartAsIs("_security/user")
|
||||
.addPathPart(setUserEnabledRequest.getUsername())
|
||||
.addPathPart(setUserEnabledRequest.isEnabled() ? "_enable" : "_disable")
|
||||
.build();
|
||||
|
@ -132,14 +132,14 @@ final class SecurityRequestConverters {
|
|||
}
|
||||
|
||||
static Request hasPrivileges(HasPrivilegesRequest hasPrivilegesRequest) throws IOException {
|
||||
Request request = new Request(HttpGet.METHOD_NAME, "/_xpack/security/user/_has_privileges");
|
||||
Request request = new Request(HttpGet.METHOD_NAME, "/_security/user/_has_privileges");
|
||||
request.setEntity(createEntity(hasPrivilegesRequest, REQUEST_BODY_CONTENT_TYPE));
|
||||
return request;
|
||||
}
|
||||
|
||||
static Request clearRealmCache(ClearRealmCacheRequest clearRealmCacheRequest) {
|
||||
RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/realm");
|
||||
.addPathPartAsIs("_security/realm");
|
||||
if (clearRealmCacheRequest.getRealms().isEmpty() == false) {
|
||||
builder.addCommaSeparatedPathParts(clearRealmCacheRequest.getRealms().toArray(Strings.EMPTY_ARRAY));
|
||||
} else {
|
||||
|
@ -156,7 +156,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request clearRolesCache(ClearRolesCacheRequest disableCacheRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/role")
|
||||
.addPathPartAsIs("_security/role")
|
||||
.addCommaSeparatedPathParts(disableCacheRequest.names())
|
||||
.addPathPart("_clear_cache")
|
||||
.build();
|
||||
|
@ -165,7 +165,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request deleteRoleMapping(DeleteRoleMappingRequest deleteRoleMappingRequest) {
|
||||
final String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/role_mapping")
|
||||
.addPathPartAsIs("_security/role_mapping")
|
||||
.addPathPart(deleteRoleMappingRequest.getName())
|
||||
.build();
|
||||
final Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
|
||||
|
@ -176,7 +176,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request deleteRole(DeleteRoleRequest deleteRoleRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/role")
|
||||
.addPathPartAsIs("_security/role")
|
||||
.addPathPart(deleteRoleRequest.getName())
|
||||
.build();
|
||||
Request request = new Request(HttpDelete.METHOD_NAME, endpoint);
|
||||
|
@ -187,7 +187,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request getRoles(GetRolesRequest getRolesRequest) {
|
||||
RequestConverters.EndpointBuilder builder = new RequestConverters.EndpointBuilder();
|
||||
builder.addPathPartAsIs("_xpack/security/role");
|
||||
builder.addPathPartAsIs("_security/role");
|
||||
if (getRolesRequest.getRoleNames().size() > 0) {
|
||||
builder.addPathPart(Strings.collectionToCommaDelimitedString(getRolesRequest.getRoleNames()));
|
||||
}
|
||||
|
@ -195,20 +195,20 @@ final class SecurityRequestConverters {
|
|||
}
|
||||
|
||||
static Request createToken(CreateTokenRequest createTokenRequest) throws IOException {
|
||||
Request request = new Request(HttpPost.METHOD_NAME, "/_xpack/security/oauth2/token");
|
||||
Request request = new Request(HttpPost.METHOD_NAME, "/_security/oauth2/token");
|
||||
request.setEntity(createEntity(createTokenRequest, REQUEST_BODY_CONTENT_TYPE));
|
||||
return request;
|
||||
}
|
||||
|
||||
static Request invalidateToken(InvalidateTokenRequest invalidateTokenRequest) throws IOException {
|
||||
Request request = new Request(HttpDelete.METHOD_NAME, "/_xpack/security/oauth2/token");
|
||||
Request request = new Request(HttpDelete.METHOD_NAME, "/_security/oauth2/token");
|
||||
request.setEntity(createEntity(invalidateTokenRequest, REQUEST_BODY_CONTENT_TYPE));
|
||||
return request;
|
||||
}
|
||||
|
||||
static Request getPrivileges(GetPrivilegesRequest getPrivilegesRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/privilege")
|
||||
.addPathPartAsIs("_security/privilege")
|
||||
.addPathPart(getPrivilegesRequest.getApplicationName())
|
||||
.addCommaSeparatedPathParts(getPrivilegesRequest.getPrivilegeNames())
|
||||
.build();
|
||||
|
@ -216,7 +216,7 @@ final class SecurityRequestConverters {
|
|||
}
|
||||
|
||||
static Request putPrivileges(final PutPrivilegesRequest putPrivilegesRequest) throws IOException {
|
||||
Request request = new Request(HttpPut.METHOD_NAME, "/_xpack/security/privilege");
|
||||
Request request = new Request(HttpPut.METHOD_NAME, "/_security/privilege");
|
||||
request.setEntity(createEntity(putPrivilegesRequest, REQUEST_BODY_CONTENT_TYPE));
|
||||
RequestConverters.Params params = new RequestConverters.Params(request);
|
||||
params.withRefreshPolicy(putPrivilegesRequest.getRefreshPolicy());
|
||||
|
@ -225,7 +225,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request deletePrivileges(DeletePrivilegesRequest deletePrivilegeRequest) {
|
||||
String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/privilege")
|
||||
.addPathPartAsIs("_security/privilege")
|
||||
.addPathPart(deletePrivilegeRequest.getApplication())
|
||||
.addCommaSeparatedPathParts(deletePrivilegeRequest.getPrivileges())
|
||||
.build();
|
||||
|
@ -237,7 +237,7 @@ final class SecurityRequestConverters {
|
|||
|
||||
static Request putRole(final PutRoleRequest putRoleRequest) throws IOException {
|
||||
final String endpoint = new RequestConverters.EndpointBuilder()
|
||||
.addPathPartAsIs("_xpack/security/role")
|
||||
.addPathPartAsIs("_security/role")
|
||||
.addPathPart(putRoleRequest.getRole().getName())
|
||||
.build();
|
||||
final Request request = new Request(HttpPut.METHOD_NAME, endpoint);
|
||||
|
|
|
@ -35,7 +35,7 @@ public final class AuthenticateRequest implements Validatable {
|
|||
}
|
||||
|
||||
public Request getRequest() {
|
||||
return new Request(HttpGet.METHOD_NAME, "/_xpack/security/_authenticate");
|
||||
return new Request(HttpGet.METHOD_NAME, "/_security/_authenticate");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ public final class GetSslCertificatesRequest implements Validatable{
|
|||
}
|
||||
|
||||
public Request getRequest() {
|
||||
return new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
|
||||
return new Request(HttpGet.METHOD_NAME, "/_ssl/certificates");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -70,7 +70,7 @@ public class SecurityIT extends ESRestHighLevelClientTestCase {
|
|||
assertThat(updateUserResponse.isCreated(), is(false));
|
||||
// delete user
|
||||
final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME,
|
||||
"/_xpack/security/user/" + putUserRequest.getUser().getUsername());
|
||||
"/_security/user/" + putUserRequest.getUser().getUsername());
|
||||
highLevelClient().getLowLevelClient().performRequest(deleteUserRequest);
|
||||
}
|
||||
|
||||
|
|
|
@ -84,7 +84,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
PutUserRequest putUserRequest = new PutUserRequest(user, password, enabled, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.putUser(putUserRequest);
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/" + putUserRequest.getUser().getUsername(), request.getEndpoint());
|
||||
assertEquals("/_security/user/" + putUserRequest.getUser().getUsername(), request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(putUserRequest, request.getEntity());
|
||||
}
|
||||
|
@ -96,7 +96,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
DeleteUserRequest deleteUserRequest = new DeleteUserRequest(name, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.deleteUser(deleteUserRequest);
|
||||
assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/" + name, request.getEndpoint());
|
||||
assertEquals("/_security/user/" + name, request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -124,7 +124,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
final Request request = SecurityRequestConverters.putRoleMapping(putRoleMappingRequest);
|
||||
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/role_mapping/" + roleMappingName, request.getEndpoint());
|
||||
assertEquals("/_security/role_mapping/" + roleMappingName, request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(putRoleMappingRequest, request.getEntity());
|
||||
}
|
||||
|
@ -139,9 +139,9 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
if (noOfRoleMappingNames == 0) {
|
||||
assertEquals("/_xpack/security/role_mapping", request.getEndpoint());
|
||||
assertEquals("/_security/role_mapping", request.getEndpoint());
|
||||
} else {
|
||||
assertEquals("/_xpack/security/role_mapping/" +
|
||||
assertEquals("/_security/role_mapping/" +
|
||||
Strings.collectionToCommaDelimitedString(getRoleMappingsRequest.getRoleMappingNames()), request.getEndpoint());
|
||||
}
|
||||
assertEquals(Collections.emptyMap(), request.getParameters());
|
||||
|
@ -155,7 +155,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
EnableUserRequest enableUserRequest = new EnableUserRequest(username, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.enableUser(enableUserRequest);
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/" + username + "/_enable", request.getEndpoint());
|
||||
assertEquals("/_security/user/" + username + "/_enable", request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -167,7 +167,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
DisableUserRequest disableUserRequest = new DisableUserRequest(username, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.disableUser(disableUserRequest);
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/" + username + "/_disable", request.getEndpoint());
|
||||
assertEquals("/_security/user/" + username + "/_disable", request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -188,7 +188,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
ChangePasswordRequest changePasswordRequest = new ChangePasswordRequest(username, password, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.changePassword(changePasswordRequest);
|
||||
assertEquals(HttpPost.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/" + changePasswordRequest.getUsername() + "/_password", request.getEndpoint());
|
||||
assertEquals("/_security/user/" + changePasswordRequest.getUsername() + "/_password", request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(changePasswordRequest, request.getEntity());
|
||||
}
|
||||
|
@ -200,7 +200,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
ChangePasswordRequest changePasswordRequest = new ChangePasswordRequest(null, password, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.changePassword(changePasswordRequest);
|
||||
assertEquals(HttpPost.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/user/_password", request.getEndpoint());
|
||||
assertEquals("/_security/user/_password", request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(changePasswordRequest, request.getEntity());
|
||||
}
|
||||
|
@ -219,7 +219,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
final Request request = SecurityRequestConverters.deleteRoleMapping(deleteRoleMappingRequest);
|
||||
|
||||
assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/role_mapping/" + roleMappingName, request.getEndpoint());
|
||||
assertEquals("/_security/role_mapping/" + roleMappingName, request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -231,9 +231,9 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
if (roles.length == 0) {
|
||||
assertEquals("/_xpack/security/role", request.getEndpoint());
|
||||
assertEquals("/_security/role", request.getEndpoint());
|
||||
} else {
|
||||
assertEquals("/_xpack/security/role/" + Strings.collectionToCommaDelimitedString(getRolesRequest.getRoleNames()),
|
||||
assertEquals("/_security/role/" + Strings.collectionToCommaDelimitedString(getRolesRequest.getRoleNames()),
|
||||
request.getEndpoint());
|
||||
}
|
||||
assertNull(request.getEntity());
|
||||
|
@ -247,7 +247,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
DeleteRoleRequest deleteRoleRequest = new DeleteRoleRequest(name, refreshPolicy);
|
||||
Request request = SecurityRequestConverters.deleteRole(deleteRoleRequest);
|
||||
assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/role/" + name, request.getEndpoint());
|
||||
assertEquals("/_security/role/" + name, request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -258,7 +258,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
CreateTokenRequest createTokenRequest = CreateTokenRequest.passwordGrant(username, password.toCharArray());
|
||||
Request request = SecurityRequestConverters.createToken(createTokenRequest);
|
||||
assertEquals(HttpPost.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/oauth2/token", request.getEndpoint());
|
||||
assertEquals("/_security/oauth2/token", request.getEndpoint());
|
||||
assertEquals(0, request.getParameters().size());
|
||||
assertToXContentBody(createTokenRequest, request.getEntity());
|
||||
}
|
||||
|
@ -268,7 +268,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
CreateTokenRequest createTokenRequest = CreateTokenRequest.refreshTokenGrant(refreshToken);
|
||||
Request request = SecurityRequestConverters.createToken(createTokenRequest);
|
||||
assertEquals(HttpPost.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/oauth2/token", request.getEndpoint());
|
||||
assertEquals("/_security/oauth2/token", request.getEndpoint());
|
||||
assertEquals(0, request.getParameters().size());
|
||||
assertToXContentBody(createTokenRequest, request.getEntity());
|
||||
}
|
||||
|
@ -277,7 +277,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
CreateTokenRequest createTokenRequest = CreateTokenRequest.clientCredentialsGrant();
|
||||
Request request = SecurityRequestConverters.createToken(createTokenRequest);
|
||||
assertEquals(HttpPost.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/oauth2/token", request.getEndpoint());
|
||||
assertEquals("/_security/oauth2/token", request.getEndpoint());
|
||||
assertEquals(0, request.getParameters().size());
|
||||
assertToXContentBody(createTokenRequest, request.getEntity());
|
||||
}
|
||||
|
@ -288,7 +288,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
GetPrivilegesRequest getPrivilegesRequest = new GetPrivilegesRequest(application, privilege);
|
||||
Request request = SecurityRequestConverters.getPrivileges(getPrivilegesRequest);
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege/" + application + "/" + privilege, request.getEndpoint());
|
||||
assertEquals("/_security/privilege/" + application + "/" + privilege, request.getEndpoint());
|
||||
assertEquals(Collections.emptyMap(), request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -298,7 +298,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
GetPrivilegesRequest getPrivilegesRequest = GetPrivilegesRequest.getApplicationPrivileges(application);
|
||||
Request request = SecurityRequestConverters.getPrivileges(getPrivilegesRequest);
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege/" + application, request.getEndpoint());
|
||||
assertEquals("/_security/privilege/" + application, request.getEndpoint());
|
||||
assertEquals(Collections.emptyMap(), request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -311,7 +311,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
GetPrivilegesRequest getPrivilegesRequest = new GetPrivilegesRequest(application, privilegeNames);
|
||||
Request request = SecurityRequestConverters.getPrivileges(getPrivilegesRequest);
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege/" + application + "/" + Strings.arrayToCommaDelimitedString(privilegeNames),
|
||||
assertEquals("/_security/privilege/" + application + "/" + Strings.arrayToCommaDelimitedString(privilegeNames),
|
||||
request.getEndpoint());
|
||||
assertEquals(Collections.emptyMap(), request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
|
@ -321,7 +321,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
GetPrivilegesRequest getPrivilegesRequest = GetPrivilegesRequest.getAllPrivileges();
|
||||
Request request = SecurityRequestConverters.getPrivileges(getPrivilegesRequest);
|
||||
assertEquals(HttpGet.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege", request.getEndpoint());
|
||||
assertEquals("/_security/privilege", request.getEndpoint());
|
||||
assertEquals(Collections.emptyMap(), request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
}
|
||||
|
@ -342,7 +342,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
final PutPrivilegesRequest putPrivilegesRequest = new PutPrivilegesRequest(privileges, refreshPolicy);
|
||||
final Request request = SecurityRequestConverters.putPrivileges(putPrivilegesRequest);
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege", request.getEndpoint());
|
||||
assertEquals("/_security/privilege", request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(putPrivilegesRequest, request.getEntity());
|
||||
}
|
||||
|
@ -356,7 +356,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
new DeletePrivilegesRequest(application, privileges.toArray(Strings.EMPTY_ARRAY), refreshPolicy);
|
||||
Request request = SecurityRequestConverters.deletePrivileges(deletePrivilegesRequest);
|
||||
assertEquals(HttpDelete.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/privilege/" + application + "/" + Strings.collectionToCommaDelimitedString(privileges),
|
||||
assertEquals("/_security/privilege/" + application + "/" + Strings.collectionToCommaDelimitedString(privileges),
|
||||
request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertNull(request.getEntity());
|
||||
|
@ -390,7 +390,7 @@ public class SecurityRequestConvertersTests extends ESTestCase {
|
|||
final PutRoleRequest putRoleRequest = new PutRoleRequest(role, refreshPolicy);
|
||||
final Request request = SecurityRequestConverters.putRole(putRoleRequest);
|
||||
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
|
||||
assertEquals("/_xpack/security/role/" + roleName, request.getEndpoint());
|
||||
assertEquals("/_security/role/" + roleName, request.getEndpoint());
|
||||
assertEquals(expectedParams, request.getParameters());
|
||||
assertToXContentBody(putRoleRequest, request.getEntity());
|
||||
}
|
||||
|
|
|
@ -446,7 +446,7 @@ setups['calendar_outages_addevent'] = setups['calendar_outages_addjob'] + '''
|
|||
'''
|
||||
setups['role_mapping'] = '''
|
||||
- do:
|
||||
xpack.security.put_role_mapping:
|
||||
security.put_role_mapping:
|
||||
name: "mapping1"
|
||||
body: >
|
||||
{
|
||||
|
@ -712,7 +712,7 @@ setups['sensor_prefab_data'] = '''
|
|||
'''
|
||||
setups['admin_role'] = '''
|
||||
- do:
|
||||
xpack.security.put_role:
|
||||
security.put_role:
|
||||
name: "my_admin_role"
|
||||
body: >
|
||||
{
|
||||
|
@ -726,7 +726,7 @@ setups['admin_role'] = '''
|
|||
'''
|
||||
setups['jacknich_user'] = '''
|
||||
- do:
|
||||
xpack.security.put_user:
|
||||
security.put_user:
|
||||
username: "jacknich"
|
||||
body: >
|
||||
{
|
||||
|
@ -739,7 +739,7 @@ setups['jacknich_user'] = '''
|
|||
'''
|
||||
setups['app0102_privileges'] = '''
|
||||
- do:
|
||||
xpack.security.put_privileges:
|
||||
security.put_privileges:
|
||||
body: >
|
||||
{
|
||||
"myapp": {
|
||||
|
|
|
@ -8,7 +8,7 @@ authenticate a user and retrieve information about the authenticated user.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET _xpack/security/_authenticate`
|
||||
`GET /_security/_authenticate`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -21,11 +21,11 @@ If the user cannot be authenticated, this API returns a 401 status code.
|
|||
==== Examples
|
||||
|
||||
To authenticate a user, submit a GET request to the
|
||||
`_xpack/security/_authenticate` endpoint:
|
||||
`/_security/_authenticate` endpoint:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET _xpack/security/_authenticate
|
||||
GET /_security/_authenticate
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
||||
|
|
|
@ -6,9 +6,9 @@ Changes the passwords of users in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST _xpack/security/user/_password` +
|
||||
`POST /_security/user/_password` +
|
||||
|
||||
`POST _xpack/security/user/<username>/_password`
|
||||
`POST /_security/user/<username>/_password`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -45,7 +45,7 @@ The following example updates the password for the `jacknich` user:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/user/jacknich/_password
|
||||
POST /_security/user/jacknich/_password
|
||||
{
|
||||
"password" : "s3cr3t"
|
||||
}
|
||||
|
|
|
@ -7,9 +7,9 @@ the cache or evict specific users.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST _xpack/security/realm/<realms>/_clear_cache` +
|
||||
`POST /_security/realm/<realms>/_clear_cache` +
|
||||
|
||||
`POST _xpack/security/realm/<realms>/_clear_cache?usernames=<usernames>`
|
||||
`POST /_security/realm/<realms>/_clear_cache?usernames=<usernames>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -37,7 +37,7 @@ For example, to evict all users cached by the `file` realm:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST _xpack/security/realm/default_file/_clear_cache
|
||||
POST /_security/realm/default_file/_clear_cache
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
||||
|
@ -45,7 +45,7 @@ To evict selected users, specify the `usernames` parameter:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST _xpack/security/realm/default_file/_clear_cache?usernames=rdeniro,alpacino
|
||||
POST /_security/realm/default_file/_clear_cache?usernames=rdeniro,alpacino
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
||||
|
@ -54,6 +54,6 @@ list:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST _xpack/security/realm/default_file,ldap1/_clear_cache
|
||||
POST /_security/realm/default_file,ldap1/_clear_cache
|
||||
------------------------------------------------------------
|
||||
// CONSOLE
|
||||
|
|
|
@ -6,7 +6,7 @@ Evicts roles from the native role cache.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/role/<name>/_clear_cache`
|
||||
`POST /_security/role/<name>/_clear_cache`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -34,6 +34,6 @@ to clear the cache for `my_admin_role`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/role/my_admin_role/_clear_cache
|
||||
POST /_security/role/my_admin_role/_clear_cache
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
|
|
@ -6,9 +6,9 @@ Creates and updates role mappings.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/role_mapping/<name>` +
|
||||
`POST /_security/role_mapping/<name>` +
|
||||
|
||||
`PUT /_xpack/security/role_mapping/<name>`
|
||||
`PUT /_security/role_mapping/<name>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -68,7 +68,7 @@ The following example assigns the "user" role to all users:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping1
|
||||
POST /_security/role_mapping/mapping1
|
||||
{
|
||||
"roles": [ "user"],
|
||||
"enabled": true, <1>
|
||||
|
@ -103,7 +103,7 @@ The following example assigns the "user" and "admin" roles to specific users:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping2
|
||||
POST /_security/role_mapping/mapping2
|
||||
{
|
||||
"roles": [ "user", "admin" ],
|
||||
"enabled": true,
|
||||
|
@ -119,7 +119,7 @@ or the user is in the `cn=admin,dc=example,dc=com` group:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping3
|
||||
POST /_security/role_mapping/mapping3
|
||||
{
|
||||
"roles": [ "superuser" ],
|
||||
"enabled": true,
|
||||
|
@ -144,7 +144,7 @@ POST /_xpack/security/role_mapping/mapping3
|
|||
The following example matches users who authenticated against a specific realm:
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping4
|
||||
POST /_security/role_mapping/mapping4
|
||||
{
|
||||
"roles": [ "ldap-user" ],
|
||||
"enabled": true,
|
||||
|
@ -159,7 +159,7 @@ The following example matches users within a specific LDAP sub-tree:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping5
|
||||
POST /_security/role_mapping/mapping5
|
||||
{
|
||||
"roles": [ "example-user" ],
|
||||
"enabled": true,
|
||||
|
@ -175,7 +175,7 @@ specific realm:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping6
|
||||
POST /_security/role_mapping/mapping6
|
||||
{
|
||||
"roles": [ "ldap-example-user" ],
|
||||
"enabled": true,
|
||||
|
@ -200,7 +200,7 @@ following mapping matches any user where *all* of these conditions are met:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
POST /_xpack/security/role_mapping/mapping7
|
||||
POST /_security/role_mapping/mapping7
|
||||
{
|
||||
"roles": [ "superuser" ],
|
||||
"enabled": true,
|
||||
|
|
|
@ -6,9 +6,9 @@ Adds and updates roles in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/role/<name>` +
|
||||
`POST /_security/role/<name>` +
|
||||
|
||||
`PUT /_xpack/security/role/<name>`
|
||||
`PUT /_security/role/<name>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -77,7 +77,7 @@ The following example adds a role called `my_admin_role`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/role/my_admin_role
|
||||
POST /_security/role/my_admin_role
|
||||
{
|
||||
"cluster": ["all"],
|
||||
"indices": [
|
||||
|
|
|
@ -8,9 +8,9 @@ to as _native users_.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/user/<username>` +
|
||||
`POST /_security/user/<username>` +
|
||||
|
||||
`PUT /_xpack/security/user/<username>`
|
||||
`PUT /_security/user/<username>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -95,7 +95,7 @@ The following example creates a user `jacknich`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/user/jacknich
|
||||
POST /_security/user/jacknich
|
||||
{
|
||||
"password" : "j@rV1s",
|
||||
"roles" : [ "admin", "other_role1" ],
|
||||
|
|
|
@ -7,7 +7,7 @@ Removes
|
|||
|
||||
==== Request
|
||||
|
||||
`DELETE /_xpack/security/privilege/<application>/<privilege>`
|
||||
`DELETE /_security/privilege/<application>/<privilege>`
|
||||
|
||||
//==== Description
|
||||
|
||||
|
@ -37,7 +37,7 @@ The following example deletes the `read` application privilege from the
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/privilege/myapp/read
|
||||
DELETE /_security/privilege/myapp/read
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:app0102_privileges]
|
||||
|
|
|
@ -6,7 +6,7 @@ Removes role mappings.
|
|||
|
||||
==== Request
|
||||
|
||||
`DELETE /_xpack/security/role_mapping/<name>`
|
||||
`DELETE /_security/role_mapping/<name>`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -33,7 +33,7 @@ The following example delete a role mapping:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/role_mapping/mapping1
|
||||
DELETE /_security/role_mapping/mapping1
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:role_mapping]
|
||||
|
|
|
@ -6,7 +6,7 @@ Removes roles in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`DELETE /_xpack/security/role/<name>`
|
||||
`DELETE /_security/role/<name>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -35,7 +35,7 @@ The following example deletes a `my_admin_role` role:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/role/my_admin_role
|
||||
DELETE /_security/role/my_admin_role
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:admin_role]
|
||||
|
|
|
@ -6,7 +6,7 @@ Deletes users from the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`DELETE /_xpack/security/user/<username>`
|
||||
`DELETE /_security/user/<username>`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -31,7 +31,7 @@ The following example deletes the user `jacknich`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/user/jacknich
|
||||
DELETE /_security/user/jacknich
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:jacknich_user]
|
||||
|
|
|
@ -7,7 +7,7 @@ Disables users in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`PUT /_xpack/security/user/<username>/_disable`
|
||||
`PUT /_security/user/<username>/_disable`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -37,7 +37,7 @@ The following example disables the user `jacknich`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/user/jacknich/_disable
|
||||
PUT /_security/user/jacknich/_disable
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:jacknich_user]
|
||||
|
|
|
@ -7,7 +7,7 @@ Enables users in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`PUT /_xpack/security/user/<username>/_enable`
|
||||
`PUT /_security/user/<username>/_enable`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -36,7 +36,7 @@ The following example enables the user `jacknich`:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/user/jacknich/_enable
|
||||
PUT /_security/user/jacknich/_enable
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:jacknich_user]
|
||||
|
|
|
@ -7,11 +7,11 @@ Retrieves
|
|||
|
||||
==== Request
|
||||
|
||||
`GET /_xpack/security/privilege` +
|
||||
`GET /_security/privilege` +
|
||||
|
||||
`GET /_xpack/security/privilege/<application>` +
|
||||
`GET /_security/privilege/<application>` +
|
||||
|
||||
`GET /_xpack/security/privilege/<application>/<privilege>`
|
||||
`GET /_security/privilege/<application>/<privilege>`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -49,7 +49,7 @@ The following example retrieves information about the `read` privilege for the
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/privilege/myapp/read
|
||||
GET /_security/privilege/myapp/read
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:app0102_privileges]
|
||||
|
@ -81,7 +81,7 @@ To retrieve all privileges for an application, omit the privilege name:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/privilege/myapp/
|
||||
GET /_security/privilege/myapp/
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
||||
|
@ -89,6 +89,6 @@ To retrieve every privilege, omit both the application and privilege names:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/privilege/
|
||||
GET /_security/privilege/
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
|
|
|
@ -6,9 +6,9 @@ Retrieves role mappings.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET /_xpack/security/role_mapping` +
|
||||
`GET /_security/role_mapping` +
|
||||
|
||||
`GET /_xpack/security/role_mapping/<name>`
|
||||
`GET /_security/role_mapping/<name>`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -48,7 +48,7 @@ The following example retrieves information about the `mapping1` role mapping:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/role_mapping/mapping1
|
||||
GET /_security/role_mapping/mapping1
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:role_mapping]
|
||||
|
|
|
@ -6,9 +6,9 @@ Retrieves roles in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET /_xpack/security/role` +
|
||||
`GET /_security/role` +
|
||||
|
||||
`GET /_xpack/security/role/<name>` +
|
||||
`GET /_security/role/<name>` +
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -37,7 +37,7 @@ the native realm:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/role/my_admin_role
|
||||
GET /_security/role/my_admin_role
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:admin_role]
|
||||
|
@ -75,7 +75,7 @@ To retrieve all roles, omit the role name:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/role
|
||||
GET /_security/role
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[continued]
|
||||
|
|
|
@ -6,7 +6,7 @@ Creates a bearer token for access without requiring basic authentication.
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/oauth2/token`
|
||||
`POST /_security/oauth2/token`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -68,7 +68,7 @@ which simply creates a token as the authenticated user:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/oauth2/token
|
||||
POST /_security/oauth2/token
|
||||
{
|
||||
"grant_type" : "client_credentials"
|
||||
}
|
||||
|
@ -103,7 +103,7 @@ The following example obtains a token for the `test_admin` user using the
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/oauth2/token
|
||||
POST /_security/oauth2/token
|
||||
{
|
||||
"grant_type" : "password",
|
||||
"username" : "test_admin",
|
||||
|
@ -134,7 +134,7 @@ creation. For example:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/oauth2/token
|
||||
POST /_security/oauth2/token
|
||||
{
|
||||
"grant_type": "refresh_token",
|
||||
"refresh_token": "vLBPvmAB6KvwvJZr27cS"
|
||||
|
|
|
@ -7,9 +7,9 @@ Retrieves information about users in the native realm.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET /_xpack/security/user` +
|
||||
`GET /_security/user` +
|
||||
|
||||
`GET /_xpack/security/user/<username>`
|
||||
`GET /_security/user/<username>`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -31,12 +31,12 @@ To use this API, you must have at least the `manage_security` cluster privilege.
|
|||
|
||||
==== Examples
|
||||
|
||||
To retrieve a native user, submit a GET request to the `/_xpack/security/user/<username>`
|
||||
To retrieve a native user, submit a GET request to the `/_security/user/<username>`
|
||||
endpoint:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/user/jacknich
|
||||
GET /_security/user/jacknich
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[setup:jacknich_user]
|
||||
|
@ -68,7 +68,7 @@ Omit the username to retrieve all users:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/security/user
|
||||
GET /_security/user
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[continued]
|
||||
|
|
|
@ -9,7 +9,7 @@ a specified list of privileges.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET _xpack/security/user/_has_privileges`
|
||||
`GET /_security/user/_has_privileges`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -53,7 +53,7 @@ cluster, index, and application privileges:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET _xpack/security/user/_has_privileges
|
||||
GET /_security/user/_has_privileges
|
||||
{
|
||||
"cluster": [ "monitor", "manage" ],
|
||||
"index" : [
|
||||
|
|
|
@ -6,7 +6,7 @@ Invalidates an access token or a refresh token.
|
|||
|
||||
==== Request
|
||||
|
||||
`DELETE /_xpack/security/oauth2/token`
|
||||
`DELETE /_security/oauth2/token`
|
||||
|
||||
==== Description
|
||||
|
||||
|
@ -41,7 +41,7 @@ The following example invalidates the specified token immediately:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/oauth2/token
|
||||
DELETE /_security/oauth2/token
|
||||
{
|
||||
"token" : "dGhpcyBpcyBub3QgYSByZWFsIHRva2VuIGJ1dCBpdCBpcyBvbmx5IHRlc3QgZGF0YS4gZG8gbm90IHRyeSB0byByZWFkIHRva2VuIQ=="
|
||||
}
|
||||
|
@ -52,7 +52,7 @@ whereas the following example invalidates the specified refresh token immediatel
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
DELETE /_xpack/security/oauth2/token
|
||||
DELETE /_security/oauth2/token
|
||||
{
|
||||
"refresh_token" : "movUJjPGRRC0PQ7+NW0eag"
|
||||
}
|
||||
|
|
|
@ -7,9 +7,9 @@ Adds or updates
|
|||
|
||||
==== Request
|
||||
|
||||
`POST /_xpack/security/privilege` +
|
||||
`POST /_security/privilege` +
|
||||
|
||||
`PUT /_xpack/security/privilege`
|
||||
`PUT /_security/privilege`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -70,11 +70,11 @@ To use this API, you must have either:
|
|||
==== Examples
|
||||
|
||||
To add a single privilege, submit a PUT or POST request to the
|
||||
`/_xpack/security/privilege/<application>/<privilege>` endpoint. For example:
|
||||
`/_security/privilege/<application>/<privilege>` endpoint. For example:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/privilege
|
||||
PUT /_security/privilege
|
||||
{
|
||||
"myapp": {
|
||||
"read": {
|
||||
|
@ -116,11 +116,11 @@ been created or updated.
|
|||
<1> When an existing privilege is updated, `created` is set to false.
|
||||
|
||||
To add multiple privileges, submit a POST request to the
|
||||
`/_xpack/security/privilege/` endpoint. For example:
|
||||
`/_security/privilege/` endpoint. For example:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/privilege
|
||||
PUT /_security/privilege
|
||||
{
|
||||
"app01": {
|
||||
"read": {
|
||||
|
|
|
@ -7,7 +7,7 @@ certificates that are used to encrypt communications in your {es} cluster.
|
|||
|
||||
==== Request
|
||||
|
||||
`GET /_xpack/ssl/certificates`
|
||||
`GET /_ssl/certificates`
|
||||
|
||||
|
||||
==== Description
|
||||
|
@ -75,7 +75,7 @@ node of {es}:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
GET /_xpack/ssl/certificates
|
||||
GET /_xpack/certificates
|
||||
--------------------------------------------------
|
||||
// CONSOLE
|
||||
// TEST[skip:todo]
|
||||
|
|
|
@ -187,7 +187,7 @@ role.
|
|||
Configured via the role-mapping API:
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/admins
|
||||
PUT /_security/role_mapping/admins
|
||||
{
|
||||
"roles" : [ "monitoring" , "user" ],
|
||||
"rules" : { "field" : {
|
||||
|
@ -201,7 +201,7 @@ PUT _xpack/security/role_mapping/admins
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/basic_users
|
||||
PUT /_security/role_mapping/basic_users
|
||||
{
|
||||
"roles" : [ "user" ],
|
||||
"rules" : { "any": [
|
||||
|
|
|
@ -153,7 +153,7 @@ The following example uses the role mapping API to map `user@REALM` to the roles
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST _xpack/security/role_mapping/kerbrolemapping
|
||||
POST /_security/role_mapping/kerbrolemapping
|
||||
{
|
||||
"roles" : [ "monitoring_user" ],
|
||||
"enabled": true,
|
||||
|
|
|
@ -147,7 +147,7 @@ names. For example, the following mapping configuration maps the LDAP
|
|||
Configured via the role-mapping API:
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/admins
|
||||
PUT /_security/role_mapping/admins
|
||||
{
|
||||
"roles" : [ "monitoring" , "user" ],
|
||||
"rules" : { "field" : {
|
||||
|
@ -161,7 +161,7 @@ PUT _xpack/security/role_mapping/admins
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/basic_users
|
||||
PUT /_security/role_mapping/basic_users
|
||||
{
|
||||
"roles" : [ "user" ],
|
||||
"rules" : { "field" : {
|
||||
|
|
|
@ -140,7 +140,7 @@ For example, the following mapping configuration maps `John Doe` to the
|
|||
Using the role-mapping API:
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/users
|
||||
PUT /_security/role_mapping/users
|
||||
{
|
||||
"roles" : [ "user" ],
|
||||
"rules" : { "field" : {
|
||||
|
|
|
@ -630,7 +630,7 @@ to any user who authenticates against the `saml1` realm:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/role_mapping/saml-kibana
|
||||
PUT /_security/role_mapping/saml-kibana
|
||||
{
|
||||
"roles": [ "kibana_user" ],
|
||||
"enabled": true,
|
||||
|
@ -667,7 +667,7 @@ via the `saml1` realm with the `finance-team` group.
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT /_xpack/security/role_mapping/saml-finance
|
||||
PUT /_security/role_mapping/saml-finance
|
||||
{
|
||||
"roles": [ "finance_data" ],
|
||||
"enabled": true,
|
||||
|
|
|
@ -25,7 +25,7 @@ all users from the `ad1` realm:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
$ curl -XPOST 'http://localhost:9200/_xpack/security/realm/ad1/_clear_cache'
|
||||
$ curl -XPOST 'http://localhost:9200/_security/realm/ad1/_clear_cache'
|
||||
------------------------------------------------------------
|
||||
|
||||
To clear the cache for multiple realms, specify the realms as a comma-separated
|
||||
|
@ -33,12 +33,12 @@ list:
|
|||
|
||||
[source, js]
|
||||
------------------------------------------------------------
|
||||
$ curl -XPOST 'http://localhost:9200/_xpack/security/realm/ad1,ad2/_clear_cache'
|
||||
$ curl -XPOST 'http://localhost:9200/_security/realm/ad1,ad2/_clear_cache'
|
||||
------------------------------------------------------------
|
||||
|
||||
You can also evict specific users:
|
||||
|
||||
[source, java]
|
||||
------------------------------------------------------------
|
||||
$ curl -XPOST 'http://localhost:9200/_xpack/security/realm/ad1/_clear_cache?usernames=rdeniro,alpacino'
|
||||
$ curl -XPOST 'http://localhost:9200/_security/realm/ad1/_clear_cache?usernames=rdeniro,alpacino'
|
||||
------------------------------------------------------------
|
||||
|
|
|
@ -146,7 +146,7 @@ no effect, and will not grant any actions in the
|
|||
The following snippet shows an example definition of a `clicks_admin` role:
|
||||
[source,js]
|
||||
-----------
|
||||
POST /_xpack/security/role/clicks_admin
|
||||
POST /_security/role/clicks_admin
|
||||
{
|
||||
"run_as": [ "clicks_watcher_1" ],
|
||||
"cluster": [ "monitor" ],
|
||||
|
|
|
@ -92,7 +92,7 @@ user:
|
|||
You can use the role-mapping API to define equivalent mappings as follows:
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/admins
|
||||
PUT /_security/role_mapping/admins
|
||||
{
|
||||
"roles" : [ "monitoring", "user" ],
|
||||
"rules" : { "field" : { "groups" : "cn=admins,dc=example,dc=com" } },
|
||||
|
@ -103,7 +103,7 @@ PUT _xpack/security/role_mapping/admins
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/basic_users
|
||||
PUT /_security/role_mapping/basic_users
|
||||
{
|
||||
"roles" : [ "user" ],
|
||||
"rules" : { "any" : [
|
||||
|
@ -136,7 +136,7 @@ The following example creates equivalent mappings using the API:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/admin_user
|
||||
PUT /_security/role_mapping/admin_user
|
||||
{
|
||||
"roles" : [ "monitoring" ],
|
||||
"rules" : { "field" : { "dn" : "cn=Admin,ou=example,o=com" } },
|
||||
|
@ -147,7 +147,7 @@ PUT _xpack/security/role_mapping/admin_user
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT _xpack/security/role_mapping/basic_user
|
||||
PUT /_security/role_mapping/basic_user
|
||||
{
|
||||
"roles" : [ "user" ],
|
||||
"rules" : { "field" : { "dn" : "cn=John Doe,ou=example,o=com" } },
|
||||
|
|
|
@ -14,7 +14,7 @@ of the current authenticated user:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/role/example1
|
||||
POST /_security/role/example1
|
||||
{
|
||||
"indices" : [
|
||||
{
|
||||
|
@ -51,7 +51,7 @@ based on the `group.id` field in your documents:
|
|||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
POST /_xpack/security/role/example2
|
||||
POST /_security/role/example2
|
||||
{
|
||||
"indices" : [
|
||||
{
|
||||
|
|
|
@ -95,7 +95,7 @@ On cluster `one`, this role does not need any special privileges:
|
|||
|
||||
[source,js]
|
||||
-----------------------------------------------------------
|
||||
POST /_xpack/security/role/cluster_two_logs
|
||||
POST /_security/role/cluster_two_logs
|
||||
{
|
||||
}
|
||||
-----------------------------------------------------------
|
||||
|
@ -106,7 +106,7 @@ On cluster `two`, this role allows the user to query local indices called
|
|||
|
||||
[source,js]
|
||||
-----------------------------------------------------------
|
||||
POST /_xpack/security/role/cluster_two_logs
|
||||
POST /_security/role/cluster_two_logs
|
||||
{
|
||||
"cluster": [],
|
||||
"indices": [
|
||||
|
@ -128,7 +128,7 @@ Finally, create a user on cluster `one` and apply the `cluster_two_logs` role:
|
|||
|
||||
[source,js]
|
||||
-----------------------------------------------------------
|
||||
POST /_xpack/security/user/alice
|
||||
POST /_security/user/alice
|
||||
{
|
||||
"password" : "somepassword",
|
||||
"roles" : [ "cluster_two_logs" ],
|
||||
|
|
|
@ -91,7 +91,7 @@ and assign the role to a new `johndoe` user.
|
|||
--
|
||||
[source,shell]
|
||||
----------------------------------------------------------
|
||||
curl -XPOST -u elastic 'localhost:9200/_xpack/security/role/events_admin' -H "Content-Type: application/json" -d '{
|
||||
curl -XPOST -u elastic 'localhost:9200/_security/role/events_admin' -H "Content-Type: application/json" -d '{
|
||||
"indices" : [
|
||||
{
|
||||
"names" : [ "events*" ],
|
||||
|
@ -104,7 +104,7 @@ curl -XPOST -u elastic 'localhost:9200/_xpack/security/role/events_admin' -H "Co
|
|||
]
|
||||
}'
|
||||
|
||||
curl -XPOST -u elastic 'localhost:9200/_xpack/security/user/johndoe' -H "Content-Type: application/json" -d '{
|
||||
curl -XPOST -u elastic 'localhost:9200/_security/user/johndoe' -H "Content-Type: application/json" -d '{
|
||||
"password" : "userpassword",
|
||||
"full_name" : "John Doe",
|
||||
"email" : "john.doe@anony.mous",
|
||||
|
|
|
@ -125,7 +125,7 @@ public class XDocsClientYamlTestSuiteIT extends XPackRestIT {
|
|||
*/
|
||||
@After
|
||||
public void deleteUsers() throws Exception {
|
||||
ClientYamlTestResponse response = getAdminExecutionContext().callApi("xpack.security.get_user", emptyMap(), emptyList(),
|
||||
ClientYamlTestResponse response = getAdminExecutionContext().callApi("security.get_user", emptyMap(), emptyList(),
|
||||
emptyMap());
|
||||
@SuppressWarnings("unchecked")
|
||||
Map<String, Object> users = (Map<String, Object>) response.getBody();
|
||||
|
@ -134,7 +134,7 @@ public class XDocsClientYamlTestSuiteIT extends XPackRestIT {
|
|||
Boolean reserved = metaDataMap == null ? null : (Boolean) metaDataMap.get("_reserved");
|
||||
if (reserved == null || reserved == false) {
|
||||
logger.warn("Deleting leftover user {}", user);
|
||||
getAdminExecutionContext().callApi("xpack.security.delete_user", singletonMap("username", user), emptyList(), emptyMap());
|
||||
getAdminExecutionContext().callApi("security.delete_user", singletonMap("username", user), emptyList(), emptyMap());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.core.ssl.rest;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.rest.BaseRestHandler;
|
||||
|
@ -28,14 +30,20 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
*/
|
||||
public class RestGetCertificateInfoAction extends BaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestGetCertificateInfoAction.class));
|
||||
|
||||
public RestGetCertificateInfoAction(Settings settings, RestController controller) {
|
||||
super(settings);
|
||||
controller.registerHandler(GET, "/_xpack/ssl/certificates", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_ssl/certificates", this,
|
||||
GET, "/_xpack/ssl/certificates", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_ssl_get_certificates";
|
||||
return "ssl_get_certificates";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -56,7 +56,7 @@ public class DatafeedJobsRestIT extends ESRestTestCase {
|
|||
}
|
||||
|
||||
private void setupDataAccessRole(String index) throws IOException {
|
||||
Request request = new Request("PUT", "/_xpack/security/role/test_data_access");
|
||||
Request request = new Request("PUT", "/_security/role/test_data_access");
|
||||
request.setJsonEntity("{"
|
||||
+ " \"indices\" : ["
|
||||
+ " { \"names\": [\"" + index + "\"], \"privileges\": [\"read\"] }"
|
||||
|
@ -66,7 +66,7 @@ public class DatafeedJobsRestIT extends ESRestTestCase {
|
|||
}
|
||||
|
||||
private void setupFullAccessRole(String index) throws IOException {
|
||||
Request request = new Request("PUT", "/_xpack/security/role/test_data_access");
|
||||
Request request = new Request("PUT", "/_security/role/test_data_access");
|
||||
request.setJsonEntity("{"
|
||||
+ " \"indices\" : ["
|
||||
+ " { \"names\": [\"" + index + "\"], \"privileges\": [\"all\"] }"
|
||||
|
@ -78,7 +78,7 @@ public class DatafeedJobsRestIT extends ESRestTestCase {
|
|||
private void setupUser(String user, List<String> roles) throws IOException {
|
||||
String password = new String(SecuritySettingsSourceField.TEST_PASSWORD_SECURE_STRING.getChars());
|
||||
|
||||
Request request = new Request("PUT", "/_xpack/security/user/" + user);
|
||||
Request request = new Request("PUT", "/_security/user/" + user);
|
||||
request.setJsonEntity("{"
|
||||
+ " \"password\" : \"" + password + "\","
|
||||
+ " \"roles\" : [ " + roles.stream().map(unquoted -> "\"" + unquoted + "\"").collect(Collectors.joining(", ")) + " ]"
|
||||
|
|
|
@ -204,7 +204,7 @@ public class ESNativeRealmMigrateTool extends LoggingAwareMultiCommand {
|
|||
|
||||
Set<String> getUsersThatExist(Terminal terminal, Settings settings, Environment env, OptionSet options) throws Exception {
|
||||
Set<String> existingUsers = new HashSet<>();
|
||||
String allUsersJson = postURL(settings, env, "GET", this.url.value(options) + "/_xpack/security/user/", options, null);
|
||||
String allUsersJson = postURL(settings, env, "GET", this.url.value(options) + "/_security/user/", options, null);
|
||||
// EMPTY is safe here because we never use namedObject
|
||||
try (XContentParser parser = JsonXContent.jsonXContent
|
||||
.createParser(NamedXContentRegistry.EMPTY, LoggingDeprecationHandler.INSTANCE, allUsersJson)) {
|
||||
|
@ -277,7 +277,7 @@ public class ESNativeRealmMigrateTool extends LoggingAwareMultiCommand {
|
|||
try {
|
||||
reqBody = createUserJson(userToRoles.get(user), userToHashedPW.get(user));
|
||||
String resp = postURL(env.settings(), env, "POST",
|
||||
this.url.value(options) + "/_xpack/security/user/" + user, options, reqBody);
|
||||
this.url.value(options) + "/_security/user/" + user, options, reqBody);
|
||||
terminal.println(resp);
|
||||
} catch (Exception e) {
|
||||
throw new ElasticsearchException("failed to migrate user [" + user + "] with body: " + reqBody, e);
|
||||
|
@ -287,7 +287,7 @@ public class ESNativeRealmMigrateTool extends LoggingAwareMultiCommand {
|
|||
|
||||
Set<String> getRolesThatExist(Terminal terminal, Settings settings, Environment env, OptionSet options) throws Exception {
|
||||
Set<String> existingRoles = new HashSet<>();
|
||||
String allRolesJson = postURL(settings, env, "GET", this.url.value(options) + "/_xpack/security/role/", options, null);
|
||||
String allRolesJson = postURL(settings, env, "GET", this.url.value(options) + "/_security/role/", options, null);
|
||||
// EMPTY is safe here because we never use namedObject
|
||||
try (XContentParser parser = JsonXContent.jsonXContent
|
||||
.createParser(NamedXContentRegistry.EMPTY, LoggingDeprecationHandler.INSTANCE, allRolesJson)) {
|
||||
|
@ -346,7 +346,7 @@ public class ESNativeRealmMigrateTool extends LoggingAwareMultiCommand {
|
|||
try {
|
||||
reqBody = createRoleJson(roles.get(roleName));
|
||||
String resp = postURL(env.settings(), env, "POST",
|
||||
this.url.value(options) + "/_xpack/security/role/" + roleName, options, reqBody);
|
||||
this.url.value(options) + "/_security/role/" + roleName, options, reqBody);
|
||||
terminal.println(resp);
|
||||
} catch (Exception e) {
|
||||
throw new ElasticsearchException("failed to migrate role [" + roleName + "] with body: " + reqBody, e);
|
||||
|
|
|
@ -292,7 +292,7 @@ public class SetupPasswordTool extends LoggingAwareMultiCommand {
|
|||
* @param terminal where to write verbose info.
|
||||
*/
|
||||
void checkElasticKeystorePasswordValid(Terminal terminal, Environment env) throws Exception {
|
||||
URL route = createURL(url, "/_xpack/security/_authenticate", "?pretty");
|
||||
URL route = createURL(url, "/_security/_authenticate", "?pretty");
|
||||
terminal.println(Verbosity.VERBOSE, "");
|
||||
terminal.println(Verbosity.VERBOSE, "Testing if bootstrap password is valid for " + route.toString());
|
||||
try {
|
||||
|
@ -449,7 +449,7 @@ public class SetupPasswordTool extends LoggingAwareMultiCommand {
|
|||
* @param password the new password of the user.
|
||||
*/
|
||||
private void changeUserPassword(String user, SecureString password, Terminal terminal) throws Exception {
|
||||
URL route = createURL(url, "/_xpack/security/user/" + user + "/_password", "?pretty");
|
||||
URL route = createURL(url, "/_security/user/" + user + "/_password", "?pretty");
|
||||
terminal.println(Verbosity.VERBOSE, "");
|
||||
terminal.println(Verbosity.VERBOSE, "Trying user password change call " + route.toString());
|
||||
try {
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ToXContent;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -29,17 +31,21 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
public class RestAuthenticateAction extends SecurityBaseRestHandler {
|
||||
|
||||
private final SecurityContext securityContext;
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestAuthenticateAction.class));
|
||||
|
||||
public RestAuthenticateAction(Settings settings, RestController controller, SecurityContext securityContext,
|
||||
XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
this.securityContext = securityContext;
|
||||
controller.registerHandler(GET, "/_xpack/security/_authenticate", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/_authenticate", this,
|
||||
GET, "/_xpack/security/_authenticate", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_authenticate_action";
|
||||
return "security_authenticate_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.oauth2;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.action.Action;
|
||||
|
@ -12,6 +13,7 @@ import org.elasticsearch.action.ActionListener;
|
|||
import org.elasticsearch.action.ActionRequestValidationException;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.SecureString;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ConstructingObjectParser;
|
||||
|
@ -45,6 +47,7 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
*/
|
||||
public final class RestGetTokenAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestGetTokenAction.class));
|
||||
static final ConstructingObjectParser<CreateTokenRequest, Void> PARSER = new ConstructingObjectParser<>("token_request",
|
||||
a -> new CreateTokenRequest((String) a[0], (String) a[1], (SecureString) a[2], (String) a[3], (String) a[4]));
|
||||
static {
|
||||
|
@ -59,12 +62,15 @@ public final class RestGetTokenAction extends SecurityBaseRestHandler {
|
|||
|
||||
public RestGetTokenAction(Settings settings, RestController controller, XPackLicenseState xPackLicenseState) {
|
||||
super(settings, xPackLicenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/oauth2/token", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/oauth2/token", this,
|
||||
POST, "/_xpack/security/oauth2/token", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_get_token_action";
|
||||
return "security_get_token_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,10 +5,12 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.oauth2;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.collect.Tuple;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ConstructingObjectParser;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -34,6 +36,7 @@ import static org.elasticsearch.rest.RestRequest.Method.DELETE;
|
|||
*/
|
||||
public final class RestInvalidateTokenAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestInvalidateTokenAction.class));
|
||||
static final ConstructingObjectParser<Tuple<String, String>, Void> PARSER =
|
||||
new ConstructingObjectParser<>("invalidate_token", a -> new Tuple<>((String) a[0], (String) a[1]));
|
||||
static {
|
||||
|
@ -43,12 +46,15 @@ public final class RestInvalidateTokenAction extends SecurityBaseRestHandler {
|
|||
|
||||
public RestInvalidateTokenAction(Settings settings, RestController controller, XPackLicenseState xPackLicenseState) {
|
||||
super(settings, xPackLicenseState);
|
||||
controller.registerHandler(DELETE, "/_xpack/security/oauth2/token", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
DELETE, "/_security/oauth2/token", this,
|
||||
DELETE, "/_xpack/security/oauth2/token", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_invalidate_token_action";
|
||||
return "security_invalidate_token_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.privilege;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -31,14 +33,20 @@ import static org.elasticsearch.rest.RestRequest.Method.DELETE;
|
|||
*/
|
||||
public class RestDeletePrivilegesAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestDeletePrivilegesAction.class));
|
||||
|
||||
public RestDeletePrivilegesAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(DELETE, "/_xpack/security/privilege/{application}/{privilege}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
DELETE, "/_security/privilege/{application}/{privilege}", this,
|
||||
DELETE, "/_xpack/security/privilege/{application}/{privilege}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_delete_privilege_action";
|
||||
return "security_delete_privilege_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,8 +5,10 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.privilege;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.set.Sets;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -36,16 +38,25 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
*/
|
||||
public class RestGetPrivilegesAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestGetPrivilegesAction.class));
|
||||
|
||||
public RestGetPrivilegesAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(GET, "/_xpack/security/privilege/", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/privilege/{application}", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/privilege/{application}/{privilege}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/privilege/", this,
|
||||
GET, "/_xpack/security/privilege/", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/privilege/{application}", this,
|
||||
GET, "/_xpack/security/privilege/{application}", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/privilege/{application}/{privilege}", this,
|
||||
GET, "/_xpack/security/privilege/{application}/{privilege}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_get_privileges_action";
|
||||
return "security_get_privileges_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.privilege;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -35,16 +37,22 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
* Rest endpoint to add one or more {@link ApplicationPrivilege} objects to the security index
|
||||
*/
|
||||
public class RestPutPrivilegesAction extends SecurityBaseRestHandler {
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestPutPrivilegesAction.class));
|
||||
|
||||
public RestPutPrivilegesAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(PUT, "/_xpack/security/privilege/", this);
|
||||
controller.registerHandler(POST, "/_xpack/security/privilege/", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/privilege/", this,
|
||||
PUT, "/_xpack/security/privilege/", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/privilege/", this,
|
||||
POST, "/_xpack/security/privilege/", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_put_privileges_action";
|
||||
return "security_put_privileges_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.realm;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
import org.elasticsearch.rest.RestController;
|
||||
|
@ -21,14 +23,19 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
|
||||
public final class RestClearRealmCacheAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestClearRealmCacheAction.class));
|
||||
|
||||
public RestClearRealmCacheAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/realm/{realms}/_clear_cache", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/realm/{realms}/_clear_cache", this,
|
||||
POST, "/_xpack/security/realm/{realms}/_clear_cache", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_clear_realm_cache_action";
|
||||
return "security_clear_realm_cache_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.role;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
import org.elasticsearch.rest.RestController;
|
||||
|
@ -21,14 +23,19 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
|
||||
public final class RestClearRolesCacheAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestClearRolesCacheAction.class));
|
||||
|
||||
public RestClearRolesCacheAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/role/{name}/_clear_cache", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/role/{name}/_clear_cache", this,
|
||||
POST, "/_xpack/security/role/{name}/_clear_cache", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_clear_roles_cache_action";
|
||||
return "security_clear_roles_cache_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.role;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -28,14 +30,19 @@ import static org.elasticsearch.rest.RestRequest.Method.DELETE;
|
|||
*/
|
||||
public class RestDeleteRoleAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestDeleteRoleAction.class));
|
||||
|
||||
public RestDeleteRoleAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(DELETE, "/_xpack/security/role/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
DELETE, "/_security/role/{name}", this,
|
||||
DELETE, "/_xpack/security/role/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_delete_role_action";
|
||||
return "security_delete_role_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,8 +5,10 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.role;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -29,15 +31,23 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
* Rest endpoint to retrieve a Role from the security index
|
||||
*/
|
||||
public class RestGetRolesAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestGetRolesAction.class));
|
||||
|
||||
public RestGetRolesAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(GET, "/_xpack/security/role/", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/role/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/role/", this,
|
||||
GET, "/_xpack/security/role/", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/role/{name}", this,
|
||||
GET, "/_xpack/security/role/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_get_roles_action";
|
||||
return "security_get_roles_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.role;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -30,15 +32,22 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
*/
|
||||
public class RestPutRoleAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestPutRoleAction.class));
|
||||
|
||||
public RestPutRoleAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/role/{name}", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/role/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/role/{name}", this,
|
||||
POST, "/_xpack/security/role/{name}", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/role/{name}", this,
|
||||
PUT, "/_xpack/security/role/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_put_role_action";
|
||||
return "security_put_role_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.rolemapping;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -28,14 +30,20 @@ import static org.elasticsearch.rest.RestRequest.Method.DELETE;
|
|||
*/
|
||||
public class RestDeleteRoleMappingAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestDeleteRoleMappingAction.class));
|
||||
|
||||
public RestDeleteRoleMappingAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(DELETE, "/_xpack/security/role_mapping/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
DELETE, "/_security/role_mapping/{name}", this,
|
||||
DELETE, "/_xpack/security/role_mapping/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_delete_role_mapping_action";
|
||||
return "security_delete_role_mapping_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.rolemapping;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -29,15 +31,22 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
*/
|
||||
public class RestGetRoleMappingsAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestGetRoleMappingsAction.class));
|
||||
|
||||
public RestGetRoleMappingsAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(GET, "/_xpack/security/role_mapping/", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/role_mapping/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/role_mapping/", this,
|
||||
GET, "/_xpack/security/role_mapping/", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/role_mapping/{name}", this,
|
||||
GET, "/_xpack/security/role_mapping/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_get_role_mappings_action";
|
||||
return "security_get_role_mappings_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.rolemapping;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -32,15 +34,22 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
*/
|
||||
public class RestPutRoleMappingAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestPutRoleMappingAction.class));
|
||||
|
||||
public RestPutRoleMappingAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/role_mapping/{name}", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/role_mapping/{name}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/role_mapping/{name}", this,
|
||||
POST, "/_xpack/security/role_mapping/{name}", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/role_mapping/{name}", this,
|
||||
PUT, "/_xpack/security/role_mapping/{name}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_put_role_mappings_action";
|
||||
return "security_put_role_mappings_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,9 +5,11 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.saml;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ObjectParser;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -35,6 +37,8 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
*/
|
||||
public class RestSamlAuthenticateAction extends SamlBaseRestHandler implements RestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestSamlAuthenticateAction.class));
|
||||
static class Input {
|
||||
String content;
|
||||
List<String> ids;
|
||||
|
@ -58,12 +62,15 @@ public class RestSamlAuthenticateAction extends SamlBaseRestHandler implements R
|
|||
public RestSamlAuthenticateAction(Settings settings, RestController controller,
|
||||
XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/saml/authenticate", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/saml/authenticate", this,
|
||||
POST, "/_xpack/security/saml/authenticate", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_saml_authenticate_action";
|
||||
return "security_saml_authenticate_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -7,8 +7,10 @@ package org.elasticsearch.xpack.security.rest.action.saml;
|
|||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ObjectParser;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -32,6 +34,8 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
*/
|
||||
public class RestSamlInvalidateSessionAction extends SamlBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestSamlInvalidateSessionAction.class));
|
||||
static final ObjectParser<SamlInvalidateSessionRequest, RestSamlInvalidateSessionAction> PARSER =
|
||||
new ObjectParser<>("saml_invalidate_session", SamlInvalidateSessionRequest::new);
|
||||
|
||||
|
@ -43,12 +47,15 @@ public class RestSamlInvalidateSessionAction extends SamlBaseRestHandler {
|
|||
|
||||
public RestSamlInvalidateSessionAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/saml/invalidate", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/saml/invalidate", this,
|
||||
POST, "/_xpack/security/saml/invalidate", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_saml_invalidate_action";
|
||||
return "security_saml_invalidate_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -7,8 +7,10 @@ package org.elasticsearch.xpack.security.rest.action.saml;
|
|||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ObjectParser;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -34,6 +36,7 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
*/
|
||||
public class RestSamlLogoutAction extends SamlBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestSamlLogoutAction.class));
|
||||
static final ObjectParser<SamlLogoutRequest, Void> PARSER = new ObjectParser<>("saml_logout", SamlLogoutRequest::new);
|
||||
|
||||
static {
|
||||
|
@ -43,12 +46,15 @@ public class RestSamlLogoutAction extends SamlBaseRestHandler {
|
|||
|
||||
public RestSamlLogoutAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/saml/logout", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/saml/logout", this,
|
||||
POST, "/_xpack/security/saml/logout", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_saml_logout_action";
|
||||
return "security_saml_logout_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -7,8 +7,10 @@ package org.elasticsearch.xpack.security.rest.action.saml;
|
|||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.ParseField;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ObjectParser;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -34,6 +36,8 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
*/
|
||||
public class RestSamlPrepareAuthenticationAction extends SamlBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestSamlPrepareAuthenticationAction.class));
|
||||
static final ObjectParser<SamlPrepareAuthenticationRequest, Void> PARSER = new ObjectParser<>("saml_prepare_authn",
|
||||
SamlPrepareAuthenticationRequest::new);
|
||||
|
||||
|
@ -44,12 +48,15 @@ public class RestSamlPrepareAuthenticationAction extends SamlBaseRestHandler {
|
|||
|
||||
public RestSamlPrepareAuthenticationAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/saml/prepare", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/saml/prepare", this,
|
||||
POST, "/_xpack/security/saml/prepare", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_saml_prepare_authentication_action";
|
||||
return "security_saml_prepare_authentication_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -33,6 +35,7 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
|
||||
public class RestChangePasswordAction extends SecurityBaseRestHandler implements RestRequestFilter {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestChangePasswordAction.class));
|
||||
private final SecurityContext securityContext;
|
||||
private final Hasher passwordHasher;
|
||||
|
||||
|
@ -41,15 +44,24 @@ public class RestChangePasswordAction extends SecurityBaseRestHandler implements
|
|||
super(settings, licenseState);
|
||||
this.securityContext = securityContext;
|
||||
passwordHasher = Hasher.resolve(XPackSettings.PASSWORD_HASHING_ALGORITHM.get(settings));
|
||||
controller.registerHandler(POST, "/_xpack/security/user/{username}/_password", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/user/{username}/_password", this);
|
||||
controller.registerHandler(POST, "/_xpack/security/user/_password", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/user/_password", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/{username}/_password", this,
|
||||
POST, "/_xpack/security/user/{username}/_password", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/user/{username}/_password", this,
|
||||
PUT, "/_xpack/security/user/{username}/_password", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/_password", this,
|
||||
POST, "/_xpack/security/user/_password", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/user/_password", this,
|
||||
PUT, "/_xpack/security/user/_password", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_change_password_action";
|
||||
return "security_change_password_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -28,14 +30,19 @@ import static org.elasticsearch.rest.RestRequest.Method.DELETE;
|
|||
*/
|
||||
public class RestDeleteUserAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestDeleteUserAction.class));
|
||||
|
||||
public RestDeleteUserAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(DELETE, "/_xpack/security/user/{username}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
DELETE, "/_security/user/{username}", this,
|
||||
DELETE, "/_xpack/security/user/{username}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_delete_user_action";
|
||||
return "security_delete_user_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,8 +5,10 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ToXContent;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -39,17 +41,22 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
public class RestGetUserPrivilegesAction extends SecurityBaseRestHandler {
|
||||
|
||||
private final SecurityContext securityContext;
|
||||
private static final DeprecationLogger deprecationLogger =
|
||||
new DeprecationLogger(LogManager.getLogger(RestGetUserPrivilegesAction.class));
|
||||
|
||||
public RestGetUserPrivilegesAction(Settings settings, RestController controller, SecurityContext securityContext,
|
||||
XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
this.securityContext = securityContext;
|
||||
controller.registerHandler(GET, "/_xpack/security/user/_privileges", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/user/_privileges", this,
|
||||
GET, "/_xpack/security/user/_privileges", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_user_privileges_action";
|
||||
return "security_user_privileges_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,8 +5,10 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -30,15 +32,22 @@ import static org.elasticsearch.rest.RestRequest.Method.GET;
|
|||
*/
|
||||
public class RestGetUsersAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestGetUsersAction.class));
|
||||
|
||||
public RestGetUsersAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(GET, "/_xpack/security/user/", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/user/{username}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/user/", this,
|
||||
GET, "/_xpack/security/user/", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/user/{username}", this,
|
||||
GET, "/_xpack/security/user/{username}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_get_users_action";
|
||||
return "security_get_users_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,10 +5,12 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.bytes.BytesReference;
|
||||
import org.elasticsearch.common.collect.Tuple;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.ToXContent;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -40,20 +42,30 @@ import static org.elasticsearch.rest.RestRequest.Method.POST;
|
|||
public class RestHasPrivilegesAction extends SecurityBaseRestHandler {
|
||||
|
||||
private final SecurityContext securityContext;
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestHasPrivilegesAction.class));
|
||||
|
||||
public RestHasPrivilegesAction(Settings settings, RestController controller, SecurityContext securityContext,
|
||||
XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
this.securityContext = securityContext;
|
||||
controller.registerHandler(GET, "/_xpack/security/user/{username}/_has_privileges", this);
|
||||
controller.registerHandler(POST, "/_xpack/security/user/{username}/_has_privileges", this);
|
||||
controller.registerHandler(GET, "/_xpack/security/user/_has_privileges", this);
|
||||
controller.registerHandler(POST, "/_xpack/security/user/_has_privileges", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/user/{username}/_has_privileges", this,
|
||||
GET, "/_xpack/security/user/{username}/_has_privileges", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/{username}/_has_privileges", this,
|
||||
POST, "/_xpack/security/user/{username}/_has_privileges", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
GET, "/_security/user/_has_privileges", this,
|
||||
GET, "/_xpack/security/user/_has_privileges", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/_has_privileges", this,
|
||||
POST, "/_xpack/security/user/_has_privileges", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_has_priviledges_action";
|
||||
return "security_has_priviledges_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.set.Sets;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
|
@ -37,17 +39,23 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
public class RestPutUserAction extends SecurityBaseRestHandler implements RestRequestFilter {
|
||||
|
||||
private final Hasher passwordHasher;
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestPutUserAction.class));
|
||||
|
||||
public RestPutUserAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
passwordHasher = Hasher.resolve(XPackSettings.PASSWORD_HASHING_ALGORITHM.get(settings));
|
||||
controller.registerHandler(POST, "/_xpack/security/user/{username}", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/user/{username}", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/{username}", this,
|
||||
POST, "/_xpack/security/user/{username}", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/user/{username}", this,
|
||||
PUT, "/_xpack/security/user/{username}", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_put_user_action";
|
||||
return "security_put_user_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
*/
|
||||
package org.elasticsearch.xpack.security.rest.action.user;
|
||||
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.elasticsearch.client.node.NodeClient;
|
||||
import org.elasticsearch.common.logging.DeprecationLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
import org.elasticsearch.license.XPackLicenseState;
|
||||
|
@ -30,17 +32,28 @@ import static org.elasticsearch.rest.RestRequest.Method.PUT;
|
|||
*/
|
||||
public class RestSetEnabledAction extends SecurityBaseRestHandler {
|
||||
|
||||
private static final DeprecationLogger deprecationLogger = new DeprecationLogger(LogManager.getLogger(RestSetEnabledAction.class));
|
||||
|
||||
public RestSetEnabledAction(Settings settings, RestController controller, XPackLicenseState licenseState) {
|
||||
super(settings, licenseState);
|
||||
controller.registerHandler(POST, "/_xpack/security/user/{username}/_enable", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/user/{username}/_enable", this);
|
||||
controller.registerHandler(POST, "/_xpack/security/user/{username}/_disable", this);
|
||||
controller.registerHandler(PUT, "/_xpack/security/user/{username}/_disable", this);
|
||||
// TODO: remove deprecated endpoint in 8.0.0
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/{username}/_enable", this,
|
||||
POST, "/_xpack/security/user/{username}/_enable", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/user/{username}/_enable", this,
|
||||
PUT, "/_xpack/security/user/{username}/_enable", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
POST, "/_security/user/{username}/_disable", this,
|
||||
POST, "/_xpack/security/user/{username}/_disable", deprecationLogger);
|
||||
controller.registerWithDeprecatedHandler(
|
||||
PUT, "/_security/user/{username}/_disable", this,
|
||||
PUT, "/_xpack/security/user/{username}/_disable", deprecationLogger);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return "xpack_security_set_enabled_action";
|
||||
return "security_set_enabled_action";
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -99,7 +99,7 @@ public class ClearRealmsCacheTests extends SecurityIntegTestCase {
|
|||
|
||||
@Override
|
||||
public void executeRequest() throws Exception {
|
||||
executeHttpRequest("/_xpack/security/realm/" + (randomBoolean() ? "*" : "_all") + "/_clear_cache",
|
||||
executeHttpRequest("/_security/realm/" + (randomBoolean() ? "*" : "_all") + "/_clear_cache",
|
||||
Collections.<String, String>emptyMap());
|
||||
}
|
||||
},
|
||||
|
@ -122,7 +122,7 @@ public class ClearRealmsCacheTests extends SecurityIntegTestCase {
|
|||
|
||||
@Override
|
||||
public void executeRequest() throws Exception {
|
||||
String path = "/_xpack/security/realm/" + (randomBoolean() ? "*" : "_all") + "/_clear_cache";
|
||||
String path = "/_security/realm/" + (randomBoolean() ? "*" : "_all") + "/_clear_cache";
|
||||
Map<String, String> params = Collections.singletonMap("usernames", String.join(",", evicted_usernames));
|
||||
executeHttpRequest(path, params);
|
||||
}
|
||||
|
|
|
@ -199,7 +199,7 @@ public class LicensingTests extends SecurityIntegTestCase {
|
|||
// the default of the licensing tests is basic
|
||||
assertThat(unauthorizedRootResponse.getStatusLine().getStatusCode(), is(200));
|
||||
ResponseException e = expectThrows(ResponseException.class,
|
||||
() -> getRestClient().performRequest(new Request("GET", "/_xpack/security/_authenticate")));
|
||||
() -> getRestClient().performRequest(new Request("GET", "/_security/_authenticate")));
|
||||
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403));
|
||||
|
||||
// generate a new license with a mode that enables auth
|
||||
|
@ -209,7 +209,7 @@ public class LicensingTests extends SecurityIntegTestCase {
|
|||
e = expectThrows(ResponseException.class, () -> getRestClient().performRequest(new Request("GET", "/")));
|
||||
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401));
|
||||
e = expectThrows(ResponseException.class,
|
||||
() -> getRestClient().performRequest(new Request("GET", "/_xpack/security/_authenticate")));
|
||||
() -> getRestClient().performRequest(new Request("GET", "/_security/_authenticate")));
|
||||
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401));
|
||||
|
||||
RequestOptions.Builder optionsBuilder = RequestOptions.DEFAULT.toBuilder();
|
||||
|
@ -221,7 +221,7 @@ public class LicensingTests extends SecurityIntegTestCase {
|
|||
rootRequest.setOptions(options);
|
||||
Response authorizedRootResponse = getRestClient().performRequest(rootRequest);
|
||||
assertThat(authorizedRootResponse.getStatusLine().getStatusCode(), is(200));
|
||||
Request authenticateRequest = new Request("GET", "/_xpack/security/_authenticate");
|
||||
Request authenticateRequest = new Request("GET", "/_security/_authenticate");
|
||||
authenticateRequest.setOptions(options);
|
||||
Response authorizedAuthenticateResponse = getRestClient().performRequest(authenticateRequest);
|
||||
assertThat(authorizedAuthenticateResponse.getStatusLine().getStatusCode(), is(200));
|
||||
|
|
|
@ -80,7 +80,7 @@ public abstract class NativeRealmIntegTestCase extends SecurityIntegTestCase {
|
|||
public void setupReservedPasswords(RestClient restClient) throws IOException {
|
||||
logger.info("setting up reserved passwords for test");
|
||||
{
|
||||
Request request = new Request("PUT", "/_xpack/security/user/elastic/_password");
|
||||
Request request = new Request("PUT", "/_security/user/elastic/_password");
|
||||
request.setJsonEntity("{\"password\": \"" + new String(reservedPassword.getChars()) + "\"}");
|
||||
RequestOptions.Builder options = request.getOptions().toBuilder();
|
||||
options.addHeader("Authorization", UsernamePasswordToken.basicAuthHeaderValue(ElasticUser.NAME, BOOTSTRAP_PASSWORD));
|
||||
|
@ -94,7 +94,7 @@ public abstract class NativeRealmIntegTestCase extends SecurityIntegTestCase {
|
|||
final List<String> usernames = Arrays.asList(KibanaUser.NAME, LogstashSystemUser.NAME, BeatsSystemUser.NAME, APMSystemUser.NAME,
|
||||
RemoteMonitoringUser.NAME);
|
||||
for (String username : usernames) {
|
||||
Request request = new Request("PUT", "/_xpack/security/user/" + username + "/_password");
|
||||
Request request = new Request("PUT", "/_security/user/" + username + "/_password");
|
||||
request.setJsonEntity("{\"password\": \"" + new String(reservedPassword.getChars()) + "\"}");
|
||||
request.setOptions(options);
|
||||
restClient.performRequest(request);
|
||||
|
|
|
@ -459,11 +459,11 @@ public class SetupPasswordToolTests extends CommandTestCase {
|
|||
}
|
||||
|
||||
private URL authenticateUrl(URL url) throws MalformedURLException, URISyntaxException {
|
||||
return new URL(url, (url.toURI().getPath() + "/_xpack/security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
return new URL(url, (url.toURI().getPath() + "/_security/_authenticate").replaceAll("/+", "/") + "?pretty");
|
||||
}
|
||||
|
||||
private URL passwordUrl(URL url, String user) throws MalformedURLException, URISyntaxException {
|
||||
return new URL(url, (url.toURI().getPath() + "/_xpack/security/user/" + user + "/_password").replaceAll("/+", "/") + "?pretty");
|
||||
return new URL(url, (url.toURI().getPath() + "/_security/user/" + user + "/_password").replaceAll("/+", "/") + "?pretty");
|
||||
}
|
||||
|
||||
private URL clusterHealthUrl(URL url) throws MalformedURLException, URISyntaxException {
|
||||
|
|
|
@ -53,7 +53,7 @@ public class RestAuthenticateActionTests extends SecurityIntegTestCase {
|
|||
}
|
||||
|
||||
public void testAuthenticateApi() throws Exception {
|
||||
Request request = new Request("GET", "/_xpack/security/_authenticate");
|
||||
Request request = new Request("GET", "/_security/_authenticate");
|
||||
RequestOptions.Builder options = request.getOptions().toBuilder();
|
||||
options.addHeader("Authorization", basicAuthHeaderValue(SecuritySettingsSource.TEST_USER_NAME,
|
||||
new SecureString(SecuritySettingsSourceField.TEST_PASSWORD.toCharArray())));
|
||||
|
@ -72,7 +72,7 @@ public class RestAuthenticateActionTests extends SecurityIntegTestCase {
|
|||
|
||||
public void testAuthenticateApiWithoutAuthentication() throws Exception {
|
||||
try {
|
||||
Response response = getRestClient().performRequest(new Request("GET", "/_xpack/security/_authenticate"));
|
||||
Response response = getRestClient().performRequest(new Request("GET", "/_security/_authenticate"));
|
||||
if (anonymousEnabled) {
|
||||
assertThat(response.getStatusLine().getStatusCode(), is(200));
|
||||
ObjectPath objectPath = ObjectPath.createFromResponse(response);
|
||||
|
|
|
@ -476,7 +476,7 @@ public abstract class SqlSecurityTestCase extends ESRestTestCase {
|
|||
}
|
||||
|
||||
protected static void createUser(String name, String role) throws IOException {
|
||||
Request request = new Request("PUT", "/_xpack/security/user/" + name);
|
||||
Request request = new Request("PUT", "/_security/user/" + name);
|
||||
XContentBuilder user = JsonXContent.contentBuilder().prettyPrint();
|
||||
user.startObject(); {
|
||||
user.field("password", "testpass");
|
||||
|
|
|
@ -155,7 +155,7 @@ public class UserFunctionIT extends ESRestTestCase {
|
|||
}
|
||||
|
||||
private void createUser(String name, String role) throws IOException {
|
||||
Request request = new Request("PUT", "/_xpack/security/user/" + name);
|
||||
Request request = new Request("PUT", "/_security/user/" + name);
|
||||
XContentBuilder user = JsonXContent.contentBuilder().prettyPrint();
|
||||
user.startObject(); {
|
||||
user.field("password", "testpass");
|
||||
|
@ -167,7 +167,7 @@ public class UserFunctionIT extends ESRestTestCase {
|
|||
}
|
||||
|
||||
private void deleteUser(String name) throws IOException {
|
||||
Request request = new Request("DELETE", "/_xpack/security/user/" + name);
|
||||
Request request = new Request("DELETE", "/_security/user/" + name);
|
||||
client().performRequest(request);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.authenticate": {
|
||||
"security.authenticate": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-authenticate.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/_authenticate",
|
||||
"paths": [ "/_xpack/security/_authenticate" ],
|
||||
"path": "/_security/_authenticate",
|
||||
"paths": [
|
||||
"/_security/_authenticate"
|
||||
],
|
||||
"parts": {},
|
||||
"params": {}
|
||||
},
|
|
@ -1,10 +1,13 @@
|
|||
{
|
||||
"xpack.security.change_password": {
|
||||
"security.change_password": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-change-password.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}/_password",
|
||||
"paths": [ "/_xpack/security/user/{username}/_password", "/_xpack/security/user/_password" ],
|
||||
"path": "/_security/user/{username}/_password",
|
||||
"paths": [
|
||||
"/_security/user/{username}/_password",
|
||||
"/_security/user/_password"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.clear_cached_realms": {
|
||||
"security.clear_cached_realms": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-cache.html",
|
||||
"methods": [ "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/realm/{realms}/_clear_cache",
|
||||
"paths": [ "/_xpack/security/realm/{realms}/_clear_cache" ],
|
||||
"path": "/_security/realm/{realms}/_clear_cache",
|
||||
"paths": [
|
||||
"/_security/realm/{realms}/_clear_cache"
|
||||
],
|
||||
"parts": {
|
||||
"realms": {
|
||||
"type" : "list",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.clear_cached_roles": {
|
||||
"security.clear_cached_roles": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-clear-role-cache.html",
|
||||
"methods": [ "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role/{name}/_clear_cache",
|
||||
"paths": [ "/_xpack/security/role/{name}/_clear_cache" ],
|
||||
"path": "/_security/role/{name}/_clear_cache",
|
||||
"paths": [
|
||||
"/_security/role/{name}/_clear_cache"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "list",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.delete_privileges": {
|
||||
"security.delete_privileges": {
|
||||
"documentation": "TODO",
|
||||
"methods": [ "DELETE" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/privilege/{application}/{name}",
|
||||
"paths": [ "/_xpack/security/privilege/{application}/{name}" ],
|
||||
"path": "/_security/privilege/{application}/{name}",
|
||||
"paths": [
|
||||
"/_security/privilege/{application}/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"application": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.delete_role": {
|
||||
"security.delete_role": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role.html",
|
||||
"methods": [ "DELETE" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role/{name}",
|
||||
"paths": [ "/_xpack/security/role/{name}" ],
|
||||
"path": "/_security/role/{name}",
|
||||
"paths": [
|
||||
"/_security/role/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.delete_role_mapping": {
|
||||
"security.delete_role_mapping": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-role-mapping.html",
|
||||
"methods": [ "DELETE" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role_mapping/{name}",
|
||||
"paths": [ "/_xpack/security/role_mapping/{name}" ],
|
||||
"path": "/_security/role_mapping/{name}",
|
||||
"paths": [
|
||||
"/_security/role_mapping/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.delete_user": {
|
||||
"security.delete_user": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-delete-user.html",
|
||||
"methods": [ "DELETE" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}",
|
||||
"paths": [ "/_xpack/security/user/{username}" ],
|
||||
"path": "/_security/user/{username}",
|
||||
"paths": [
|
||||
"/_security/user/{username}"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.disable_user": {
|
||||
"security.disable_user": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-disable-user.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}/_disable",
|
||||
"paths": [ "/_xpack/security/user/{username}/_disable" ],
|
||||
"path": "/_security/user/{username}/_disable",
|
||||
"paths": [
|
||||
"/_security/user/{username}/_disable"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.enable_user": {
|
||||
"security.enable_user": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-enable-user.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}/_enable",
|
||||
"paths": [ "/_xpack/security/user/{username}/_enable" ],
|
||||
"path": "/_security/user/{username}/_enable",
|
||||
"paths": [
|
||||
"/_security/user/{username}/_enable"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.get_privileges": {
|
||||
"security.get_privileges": {
|
||||
"documentation": "TODO",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/privilege/{application}/{name}",
|
||||
"paths": [ "/_xpack/security/privilege/{application}/{name}" ],
|
||||
"path": "/_security/privilege/{application}/{name}",
|
||||
"paths": [
|
||||
"/_security/privilege/{application}/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"application": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,13 @@
|
|||
{
|
||||
"xpack.security.get_role": {
|
||||
"security.get_role": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role/{name}",
|
||||
"paths": [ "/_xpack/security/role/{name}", "/_xpack/security/role" ],
|
||||
"path": "/_security/role/{name}",
|
||||
"paths": [
|
||||
"/_security/role/{name}",
|
||||
"/_security/role"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,13 @@
|
|||
{
|
||||
"xpack.security.get_role_mapping": {
|
||||
"security.get_role_mapping": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role-mapping.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role_mapping/{name}",
|
||||
"paths": [ "/_xpack/security/role_mapping/{name}", "/_xpack/security/role_mapping" ],
|
||||
"path": "/_security/role_mapping/{name}",
|
||||
"paths": [
|
||||
"/_security/role_mapping/{name}",
|
||||
"/_security/role_mapping"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.get_token": {
|
||||
"security.get_token": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html",
|
||||
"methods": [ "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/oauth2/token",
|
||||
"paths": [ "/_xpack/security/oauth2/token" ],
|
||||
"path": "/_security/oauth2/token",
|
||||
"paths": [
|
||||
"/_security/oauth2/token"
|
||||
],
|
||||
"parts": {},
|
||||
"params": {}
|
||||
},
|
|
@ -1,10 +1,13 @@
|
|||
{
|
||||
"xpack.security.get_user": {
|
||||
"security.get_user": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-user.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}",
|
||||
"paths": [ "/_xpack/security/user/{username}", "/_xpack/security/user" ],
|
||||
"path": "/_security/user/{username}",
|
||||
"paths": [
|
||||
"/_security/user/{username}",
|
||||
"/_security/user"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "list",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.get_user_privileges": {
|
||||
"security.get_user_privileges": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-user-privileges.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/_privileges",
|
||||
"paths": [ "/_xpack/security/user/_privileges" ],
|
||||
"path": "/_security/user/_privileges",
|
||||
"paths": [
|
||||
"/_security/user/_privileges"
|
||||
],
|
||||
"parts": { },
|
||||
"params": {}
|
||||
},
|
|
@ -1,10 +1,13 @@
|
|||
{
|
||||
"xpack.security.has_privileges": {
|
||||
"security.has_privileges": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-has-privileges.html",
|
||||
"methods": [ "GET", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/_has_privileges",
|
||||
"paths": [ "/_xpack/security/user/_has_privileges", "/_xpack/security/user/{user}/_has_privileges" ],
|
||||
"path": "/_security/user/_has_privileges",
|
||||
"paths": [
|
||||
"/_security/user/_has_privileges",
|
||||
"/_security/user/{user}/_has_privileges"
|
||||
],
|
||||
"parts": {
|
||||
"user": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.invalidate_token": {
|
||||
"security.invalidate_token": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-invalidate-token.html",
|
||||
"methods": [ "DELETE" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/oauth2/token",
|
||||
"paths": [ "/_xpack/security/oauth2/token" ],
|
||||
"path": "/_security/oauth2/token",
|
||||
"paths": [
|
||||
"/_security/oauth2/token"
|
||||
],
|
||||
"parts": {},
|
||||
"params": {}
|
||||
},
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
"xpack.security.put_privileges": {
|
||||
"security.put_privileges": {
|
||||
"documentation": "TODO",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/privilege/",
|
||||
"path": "/_security/privilege/",
|
||||
"paths": [
|
||||
"/_xpack/security/privilege/"
|
||||
"/_security/privilege/"
|
||||
],
|
||||
"params": {
|
||||
"refresh": {
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.put_role": {
|
||||
"security.put_role": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role/{name}",
|
||||
"paths": [ "/_xpack/security/role/{name}" ],
|
||||
"path": "/_security/role/{name}",
|
||||
"paths": [
|
||||
"/_security/role/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.put_role_mapping": {
|
||||
"security.put_role_mapping": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role-mapping.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/role_mapping/{name}",
|
||||
"paths": [ "/_xpack/security/role_mapping/{name}" ],
|
||||
"path": "/_security/role_mapping/{name}",
|
||||
"paths": [
|
||||
"/_security/role_mapping/{name}"
|
||||
],
|
||||
"parts": {
|
||||
"name": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.security.put_user": {
|
||||
"security.put_user": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-user.html",
|
||||
"methods": [ "PUT", "POST" ],
|
||||
"url": {
|
||||
"path": "/_xpack/security/user/{username}",
|
||||
"paths": [ "/_xpack/security/user/{username}" ],
|
||||
"path": "/_security/user/{username}",
|
||||
"paths": [
|
||||
"/_security/user/{username}"
|
||||
],
|
||||
"parts": {
|
||||
"username": {
|
||||
"type" : "string",
|
|
@ -1,10 +1,12 @@
|
|||
{
|
||||
"xpack.ssl.certificates": {
|
||||
"ssl.certificates": {
|
||||
"documentation": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-ssl.html",
|
||||
"methods": [ "GET" ],
|
||||
"url": {
|
||||
"path": "/_xpack/ssl/certificates",
|
||||
"paths": [ "/_xpack/ssl/certificates" ],
|
||||
"path": "/_ssl/certificates",
|
||||
"paths": [
|
||||
"/_ssl/certificates"
|
||||
],
|
||||
"parts": {},
|
||||
"params": {}
|
||||
},
|
|
@ -8,7 +8,7 @@ setup:
|
|||
wait_for_status: yellow
|
||||
|
||||
- do:
|
||||
xpack.security.put_user:
|
||||
security.put_user:
|
||||
username: "authenticate_user"
|
||||
body: >
|
||||
{
|
||||
|
@ -20,7 +20,7 @@ setup:
|
|||
---
|
||||
teardown:
|
||||
- do:
|
||||
xpack.security.delete_user:
|
||||
security.delete_user:
|
||||
username: "authenticate_user"
|
||||
ignore: 404
|
||||
|
||||
|
@ -30,7 +30,7 @@ teardown:
|
|||
- do:
|
||||
headers:
|
||||
Authorization: "Basic YXV0aGVudGljYXRlX3VzZXI6eC1wYWNrLXRlc3QtcGFzc3dvcmQ="
|
||||
xpack.security.authenticate: {}
|
||||
security.authenticate: {}
|
||||
|
||||
- match: { username: "authenticate_user" }
|
||||
- match: { roles.0: "superuser" }
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue