Two new commands to the command line tool have been added
* esusers list: Allows to list all users with their roles or only a single one
* esusers roles: Allows to add or remove roles
Roles have been configured as to only consist of lowercase alphanumeric characters.
Original commit: elastic/x-pack-elasticsearch@6fcb4c56e4
Changed the scope of the guava dependency to prevent wrong imports and always use the shaded ones.
This required a change in the forbidden API signatures, as that tool alwyas try load the class and fail
if the class cannot be found.
Original commit: elastic/x-pack-elasticsearch@90a245423a
* Add config and bin directory to assembly
* Add main method to ESUsersTool so it starts
* Fix bin/esusers to actually start
* Fix ESUsersTool to write files in config/shield by default as each plugin has its own directory after installation
* Changed bin/ and config/ directory to reflect path after installation in ES
Original commit: elastic/x-pack-elasticsearch@7d4165e389
Used the existing infra structure to filter by ip in the netty pipeline
before any other handler is hit, in order to reject as soon as possible.
Right now the connection is simply closed.
The configuration is a simple YAML file which uses allow/deny rules
Original commit: elastic/x-pack-elasticsearch@000e44f8cc
Settings for SSL now all start with `shield` as well. Changed documentation and tests to reflect this.
Original commit: elastic/x-pack-elasticsearch@9dd3bc865e
There are four modules:
- authc: realm based authentication module
- authz: role based privileges & permissions authorization module
- n2n: node to node authentication module (incl. IP filtering auth)
- audit: audit trail module (only includes log file audit trails for now)
Original commit: elastic/x-pack-elasticsearch@b1ec9e2923
Alexander Reelsen
uboness
javanna