Commit Graph

24 Commits

Author SHA1 Message Date
Lisa Cawley 70f9bcc0d1 [DOCS] Adds link to clear role cache API (elastic/x-pack-elasticsearch#4405)
Original commit: elastic/x-pack-elasticsearch@d2d74069bf
2018-04-17 18:03:46 -07:00
Lisa Cawley 4c38e610fd [DOCS] Adds enabled parameter to user management API (elastic/x-pack-elasticsearch#4364)
Original commit: elastic/x-pack-elasticsearch@166bef4702
2018-04-17 16:15:54 -07:00
lcawley c09c9e13d7 [DOCS] Removes redundant role examples
Original commit: elastic/x-pack-elasticsearch@ac17cbbdfd
2018-04-12 16:47:45 -07:00
Lisa Cawley 17543dbc00 [DOCS] Augmented token API description (elastic/x-pack-elasticsearch#4321)
Original commit: elastic/x-pack-elasticsearch@c24713ee43
2018-04-09 11:39:21 -07:00
Lisa Cawley 3890875a88 [DOCS] Role Mapping API improvements (elastic/x-pack-elasticsearch#3951)
Original commit: elastic/x-pack-elasticsearch@d300c96c7a
2018-02-16 09:29:19 -08:00
Jay Modi 60d4b7e53e Add the ability to refresh tokens obtained via the API (elastic/x-pack-elasticsearch#3468)
This commit adds the ability to refresh tokens that have been obtained by the API using a refresh
token. Refresh tokens are one time use tokens that are valid for 24 hours. The tokens may be used
to get a new access and refresh token if the refresh token has not been invalidated or
already refreshed.

relates elastic/x-pack-elasticsearch#2595

Original commit: elastic/x-pack-elasticsearch@23435eb815
2018-01-17 12:18:44 -07:00
Lisa Cawley a4fad02d9a [DOCS] Added SSL certificates API (elastic/x-pack-elasticsearch#3136)
Original commit: elastic/x-pack-elasticsearch@62cb574fcf
2018-01-17 08:14:02 -08:00
Lisa Cawley b55ab98914 [DOCS] Formatted role mapping API (elastic/x-pack-elasticsearch#2576)
* [DOCS] Formatted role mapping API

* [DOCS] Addressed feedback in role mapping API

Original commit: elastic/x-pack-elasticsearch@baba26c8ed
2017-09-22 10:40:20 -07:00
Lisa Cawley 3a6cba7bc9 [DOCS] Formatted roles API (elastic/x-pack-elasticsearch#2577)
* [DOCS] Formatted roles API

* [DOCS] Addressed feedback about roles API

Original commit: elastic/x-pack-elasticsearch@414d06bc13
2017-09-22 10:24:20 -07:00
Lisa Cawley 445af3ecf5 [DOCS] Format the authenticate API (elastic/x-pack-elasticsearch#2572)
Original commit: elastic/x-pack-elasticsearch@bc486dc6be
2017-09-22 10:07:15 -07:00
Lisa Cawley 62fbd5a798 [DOCS] Format the clear cache API (elastic/x-pack-elasticsearch#2574)
* [DOCS] Format the clear cache API

* [DOCS] Fixed formatting in clear cache API

Original commit: elastic/x-pack-elasticsearch@705bd8e8cf
2017-09-22 10:04:38 -07:00
lcawley 85f7f9b2d1 [DOCS] Fix formatting in change password API
Original commit: elastic/x-pack-elasticsearch@acbe051abb
2017-09-22 10:01:49 -07:00
Lisa Cawley 3e68a89a45 [DOCS] Format change password API (elastic/x-pack-elasticsearch#2573)
Original commit: elastic/x-pack-elasticsearch@d1fc1a6116
2017-09-22 10:00:04 -07:00
Lisa Cawley 42f90b25e3 [DOCS] Format tokens API (elastic/x-pack-elasticsearch#2578)
* [DOCS] Format tokens API

* [DOCS] Cleaned up tokens API comment

Original commit: elastic/x-pack-elasticsearch@f818367c68
2017-09-22 09:56:32 -07:00
Lisa Cawley 5630ca6322 [DOCS] Formatted users API (elastic/x-pack-elasticsearch#2579)
Original commit: elastic/x-pack-elasticsearch@922ab6c279
2017-09-22 09:51:35 -07:00
Lisa Cawley 9c8b5fb98a [DOCS] Formatted the privileges API (elastic/x-pack-elasticsearch#2575)
Original commit: elastic/x-pack-elasticsearch@9080eb9535
2017-09-22 09:46:09 -07:00
Tim Brooks f2cbe20ea0 Remove default passwords from reserved users (elastic/x-pack-elasticsearch#1665)
This is related to elastic/x-pack-elasticsearch#1217. This PR removes the default password of
"changeme" from the reserved users.

This PR adds special behavior for authenticating the reserved users. No
ReservedRealm user can be authenticated until its password is set. The
one exception to this is the elastic user. The elastic user can be
authenticated with an empty password if the action is a rest request
originating from localhost. In this scenario where an elastic user is
authenticated with a default password, it will have metadata indicating
that it is in setup mode. An elastic user in setup mode is only
authorized to execute a change password request.

Original commit: elastic/x-pack-elasticsearch@e1e101a237
2017-06-29 15:27:57 -05:00
Lisa Cawley 08fdac5a93 [DOCS] Move security APIs to Elasticsearch Ref (elastic/x-pack-elasticsearch#1877)
* [DOCS] Move security APIs to Elasticsearch Ref

* [DOCS] Update links to security APIs

* [DOCS] Fix link to security APIs

Original commit: elastic/x-pack-elasticsearch@d7a9d3f1ab
2017-06-28 11:02:40 -07:00
Andy Bristol 855c63dbc7 User/role names can be longer with more characters (elastic/x-pack-elasticsearch#1745)
This changes the validation criteria we use for user and role
names in the file realm, native realm, and the
realm-agnostic code in x-pack security. The new criteria is:

A valid username's length must be at least 1 and no more than 1024
characters. It may not contain leading or trailing whitespace. All
characters in the name must be be alphanumeric (`a-z`, `A-Z`, `0-9`),
printable punctuation or symbols in the https://en.wikipedia.org/wiki/Basic_Latin_(Unicode_block)[Basic Latin (ASCII) block],
or the space character.

Original commit: elastic/x-pack-elasticsearch@f77640f269
2017-06-22 13:05:56 -07:00
Tim Vernum fe37109c3f [DOCS] [Security] Documentation for Role Mapping API (elastic/x-pack-elasticsearch#1474)
Includes:
- Extensive changes to "mapping roles" section
- New section for role mapping API
- Updates to LDAP/AD/PKI realms to refer to API based role mapping 
- Updates to LDAP/AD realms: `unmapped_groups_as_roles` only looks at file-based mappings 
- Updates to LDAP/AD realms: new setting for "metadata"

Original commit: elastic/x-pack-elasticsearch@6349f665f5
2017-06-06 14:12:31 +10:00
Tim Vernum 9f7f8ffb4d Outstanding docs for 5.4 changes (elastic/x-pack-elasticsearch#1280)
Docs for security features in 5.4

- `has_privileges` API
-  ldap metadata.

Original commit: elastic/x-pack-elasticsearch@22c733c814
2017-05-12 16:51:47 +10:00
Chee Wee 1e0caee90d Corrected a mistake on disabling a user (elastic/x-pack-elasticsearch#1135)
Corrected a mistake on disabling a user, when it should be enabling.

Please review the changes.

Original commit: elastic/x-pack-elasticsearch@352997e427
2017-05-03 10:55:26 +08:00
Jay Modi 1d08b4d1fb Rest endpoints for token based access (elastic/x-pack-elasticsearch#1235)
This commit adds rest endpoints for the creation of a new token and invalidation of an existing
token. This builds upon the functionality that was introduced in elastic/x-pack-elasticsearch#1029.

relates elastic/x-pack-elasticsearch#8

Original commit: elastic/x-pack-elasticsearch@d56611dfa3
2017-04-27 11:04:31 -04:00
debadair e804d78be5 [DOCS] Migrated rest-api topics from x-pack repo to x-pack-elasticsearch.
Original commit: elastic/x-pack-elasticsearch@46c9bf780a
2017-04-06 18:04:39 -07:00