The cache provides a get method with a callable to load the value into the cache. Our callable
performs authentication and then returns a value. The issue with this is that the cache will queue
concurrent calls if a value is already being loaded and return the result to all callers. This is
problematic since the key is only the username and we do not validate the credentials as part of
the get call. This means it is possible for valid credentials to be returned a null user and authentication
fails.
Additionally, another variant exists where it is possible for invalid credentials to be returned a valid
user, which allows an attacker to gain access by only knowing a username and issuing a large number
of concurrent requests.
Closes elastic/elasticsearch#860
Original commit: elastic/x-pack-elasticsearch@3d122d3bbb
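
The race described in the commit message above, as an added example that is not code from the commit or the project: a constructed single-flight cache keyed by username stands in for the real cache, and `CoalescedAuthCache`, `PASSWORDS`, `load`, `vulnerable` and `hardened` are hypothetical names. The hardened path is one way to close the gap, assumed here rather than taken from the actual fix.

```java
import java.util.Map;
import java.util.concurrent.*;

public class CoalescedAuthCache {
    // Constructed credential store for the demo.
    static final Map<String, String> PASSWORDS = Map.of("alice", "correct-horse", "bob", "battery-staple");

    // Loader result plus the password it was computed from (a real realm would keep a salted hash).
    record Entry(String user, String password) {}

    static final ConcurrentMap<String, CompletableFuture<Entry>> IN_FLIGHT = new ConcurrentHashMap<>();

    static boolean check(String username, String password) {
        return password.equals(PASSWORDS.get(username));
    }

    // Load keyed by username only: a caller arriving while a load for that key is
    // running joins it and receives its result, whatever password the caller sent.
    static CompletableFuture<Entry> load(String username, String password, CountDownLatch gate) {
        return IN_FLIGHT.computeIfAbsent(username, k -> CompletableFuture.supplyAsync(() -> {
            try { gate.await(); } catch (InterruptedException e) { throw new IllegalStateException(e); }
            return new Entry(check(username, password) ? username : null, password);
        }));
    }

    // Flawed: trusts the shared result without looking at the caller's own password.
    static String vulnerable(CompletableFuture<Entry> f) {
        return f.join().user();
    }

    // Hardened: accept the shared result only if it was computed from this caller's
    // password; otherwise authenticate this caller directly.
    static String hardened(CompletableFuture<Entry> f, String username, String password) {
        Entry e = f.join();
        if (e.password().equals(password)) return e.user();
        return check(username, password) ? username : null;
    }

    public static void main(String[] args) {
        CountDownLatch gate = new CountDownLatch(1);      // holds both loads open
        load("alice", "correct-horse", gate);             // valid login starts the load
        var wrong = load("alice", "guess", gate);         // invalid login joins it
        load("bob", "guess", gate);                       // invalid login starts the load
        var right = load("bob", "battery-staple", gate);  // valid login joins it
        gate.countDown();
        System.out.println("vulnerable, wrong password: " + vulnerable(wrong));
        System.out.println("vulnerable, right password: " + vulnerable(right));
        System.out.println("hardened, wrong password:   " + hardened(wrong, "alice", "guess"));
        System.out.println("hardened, right password:   " + hardened(right, "bob", "battery-staple"));
    }
}
```

The two `vulnerable` lines show both variants from the commit message: the joined caller inherits the first caller's outcome in either direction, while `hardened` decides each caller on its own password.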
The LocalExporter checks worked when using a snapshot version but did not work
in a released version even though the template was the correct version.
Original commit: elastic/x-pack-elasticsearch@581f54575b
Instead of injecting a provider for `DiskThresholdDecider` we now inject the `DiskThresholdDecider` directly.
Original commit: elastic/x-pack-elasticsearch@9aeacbee24
Allows to configure watcher.http.proxy.host and watcher.http.proxy.port properties to
configure a HTTP proxy as well as specify a proxy whenever a HTTP request is executed.
Closes elastic/elasticsearch#587
Original commit: elastic/x-pack-elasticsearch@75ef260fef
- this results in a `marvel-agent-2.0.0.zip` artifact, to better differentiate it from the kibana marvel plugin
- post 2.0 when we move the marvel kibana codebase to x-plugins we'll need to differentiate between these two modules anyway.
Closes elastic/elasticsearch#846
Original commit: elastic/x-pack-elasticsearch@6b6a76f7dd
The additional setting to specify the configuration path is no longer needed with elasticsearch 2.0, so
we should remove it from the documentation. Also cleans up the installation commands to be in line
with what 2.0 requires.
Original commit: elastic/x-pack-elasticsearch@b269568a67
This had been disabled in the past due to marvel not being ready, but needs
to be reenabled to make sure marvel is released.
Original commit: elastic/x-pack-elasticsearch@269d5623d0
Currently, Licensee#onChange is called with a license and its status. It would be
cleaner if it accepted the license's operationMode and status as parameters instead.
This hides the license responsible for the notification from the consumer plugins and only
provides the license information used by the commercial plugins to turn features on via
operationMode and status to act on whether the current license is enabled, in
grace_period or disabled.
Original commit: elastic/x-pack-elasticsearch@b0ea7ec32b
This fixes jarhell issues running watcher tests in Eclipse but it requires
that elasticsearch core export its copy of TestShardRouting in its test jar.
Original commit: elastic/x-pack-elasticsearch@2a83d52553