Commit Graph

5732 Commits

Author SHA1 Message Date
Martijn van Groningen 96fe2d9ddf silly me
Original commit: elastic/x-pack-elasticsearch@b24829745d
2014-10-24 13:09:28 +02:00
Martijn van Groningen 6c66ca5fdc Build: Updated the groupId and artifactId
Original commit: elastic/x-pack-elasticsearch@326d53f3ec
2014-10-24 13:07:36 +02:00
Martijn van Groningen 75ef2dc3b3 Initial step to running alerts on master and added a very simple test.
Original commit: elastic/x-pack-elasticsearch@480f6bd44b
2014-10-24 12:49:33 +02:00
Igor Motov 1a5f72c28d Packaging system cleanup
Original commit: elastic/x-pack-elasticsearch@9a8b2b7158
2014-10-23 22:02:26 -04:00
Areek Zillur ceaefcb2c8 Initial node level tests; minor cleanup
Original commit: elastic/x-pack-elasticsearch@a917460b3c
2014-10-23 21:37:30 -04:00
Alexander Reelsen 2f3fe95f7e esvm: Fix roles configuration used by esvm
Original commit: elastic/x-pack-elasticsearch@7a25eff61c
2014-10-23 14:36:49 -07:00
Paul Echeverri b3789a74e4 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/public/04-authorization.asciidoc
	docs/public/clients/logstash.asciidoc

Original commit: elastic/x-pack-elasticsearch@699aa52379
2014-10-23 14:01:41 -07:00
Areek Zillur 941a440046 minor chagne
Original commit: elastic/x-pack-elasticsearch@b7306dc60a
2014-10-23 15:42:45 -04:00
Areek Zillur 28bc28e30d LicensesClientService.register works even if there is no master; LicensesManagerService.licenses() returns
one appropriate license per registered feature

Original commit: elastic/x-pack-elasticsearch@4d3ac103d6
2014-10-23 15:37:58 -04:00
Alexander Reelsen a52993db78 esvm: Added user configurations to make esvm usable again
Also added a logstash configuration for simple performance
testing (useful for comparing different hash functions)

Original commit: elastic/x-pack-elasticsearch@c9f08fbb12
2014-10-23 10:34:04 -07:00
uboness a287863ab0 Added cluster & indices monitoring privileges to System
This is required for marvel agent to collect its data.

Closes elastic/elasticsearch#137

Original commit: elastic/x-pack-elasticsearch@c1ed58aafb
2014-10-23 19:19:50 +02:00
uboness b7dac66c8a Changed the cached hashing algorithm for cached realms
Now the passwords are hashed in-memory using SHA2 by default (instead of original bcrypt). Also, it's now possible to configure the in-memory hashing algorithm.

Original commit: elastic/x-pack-elasticsearch@e2d1b3116b
2014-10-23 19:15:31 +02:00
uboness 521ebe4672 Change the way patterns are resolved in roles.yml
Now, there are two types of supported patters:

- wildcards (default) - simple wildcard match where `*` indicates zero or more characters and `?` indicates a single character (`\` can be used as an escape charachter)
- regular expressions - can be "enabled" by wrapping the pattern in `/` (e.g. `/foo.*/`). The regex syntax is based on lucene's regex syntax (not Java's Pattern).

Closes elastic/elasticsearch#253

Original commit: elastic/x-pack-elasticsearch@edd912122d
2014-10-23 19:04:01 +02:00
Paul Echeverri d46b13e4f5 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@9d1e4019e3
2014-10-23 09:21:35 -07:00
Areek Zillur 935f98a4b8 fix tests; improve client registeration
Original commit: elastic/x-pack-elasticsearch@e0464a4a1f
2014-10-23 12:07:16 -04:00
Areek Zillur 6f88c44030 fix conflict
Original commit: elastic/x-pack-elasticsearch@d0da2c43e3
2014-10-23 12:02:40 -04:00
uboness 82648c240f Fixed typo in esusers help
Closes elastic/elasticsearch#216

Original commit: elastic/x-pack-elasticsearch@07b4782cdc
2014-10-23 12:42:40 +02:00
uboness 9b6823683c Added some missing logging around realms
Closes elastic/elasticsearch#214

Original commit: elastic/x-pack-elasticsearch@648410ff8f
2014-10-23 11:15:02 +02:00
uboness b2ffc1d7b9 Better error message for parsing error of role.yml
added the role name to the error message where the parsing error was encountered.

Closes elastic/elasticsearch#245

Original commit: elastic/x-pack-elasticsearch@303b932864
2014-10-23 11:02:31 +02:00
Areek Zillur 15a8ed090e ignore failing tests
Original commit: elastic/x-pack-elasticsearch@53cdd48143
2014-10-22 23:31:25 -04:00
Areek Zillur 59b101cfab LicensesService Notification work
Original commit: elastic/x-pack-elasticsearch@cd7260dec9
2014-10-22 23:24:00 -04:00
Paul Echeverri a6ba0eec2d Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/public/06-ldap.asciidoc
	docs/public/08-auditing.asciidoc
	docs/structured/01-introduction.asciidoc
	docs/structured/02-architecture.asciidoc

Original commit: elastic/x-pack-elasticsearch@ddf1f0d910
2014-10-22 16:34:16 -07:00
c-a-m b5b6a1093c Fixes filename case typo
This fixes a file-name case typo for LdapSslSocketFactory

Original commit: elastic/x-pack-elasticsearch@fb71a1116e
2014-10-22 17:12:46 -06:00
c-a-m 4b0f7c4379 Fixed the url settings to only call the toArray. Plus I changed one of the tests to use the single value style
Original commit: elastic/x-pack-elasticsearch@16326d2b6c
2014-10-22 17:00:55 -06:00
c-a-m f517a6a8f3 Refactors "urls" -> "url"
This lets the url be configured as a single element (the most likely usage) or as an array.  This also checks that multiple urls are either all "ldaps", or all "ldap", as it is not possible to mix them.

Original commit: elastic/x-pack-elasticsearch@b5a94b1d35
2014-10-22 17:00:55 -06:00
uboness 0777e8d94f Fixed a bug in Permissions with multiple indices permission groups
The evalutation of the indices permission groups was wrong. Now, each index in the request is evaluated against all groups, such that:
  1. for each index, at least one group must grant the request
  2. all indices must be granted

  Along the way, also changed the audit logs structures such that:
  - moved the principal to "sit" next to the host
  - now, if we're logging an indices request, we also log the related indices (this provides more context to the actual request)

  Fixes elastic/elasticsearch#242

Original commit: elastic/x-pack-elasticsearch@95600d3148
2014-10-23 00:46:56 +02:00
Paul Echeverri 1f390cc654 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@1dc6bee15d
2014-10-22 15:46:54 -07:00
Areek Zillur 996f7aadf7 nuked ESLicenseProvider; minor cleanups
Original commit: elastic/x-pack-elasticsearch@92af8dc307
2014-10-22 17:46:46 -04:00
Paul Echeverri df7eba437e Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@4f890b59f6
2014-10-22 13:49:15 -07:00
Igor Motov d7b3f77586 Packaging system refactoring (WIP)
Original commit: elastic/x-pack-elasticsearch@29751a866d
2014-10-22 16:41:18 -04:00
Paul Echeverri d34c7cddf3 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/structured/03-getting-started.asciidoc
	docs/structured/06-ldap.asciidoc
	docs/structured/authentication/message-authentication.asciidoc

Original commit: elastic/x-pack-elasticsearch@642beb53ca
2014-10-22 12:02:29 -07:00
uboness fa48c46813 Skip authentication for rest OPTIONS call
this is required by CORS for unauthenticated pre-flight OPTIONS requests

Closes elastic/elasticsearch#234

Original commit: elastic/x-pack-elasticsearch@c368b2cf27
2014-10-22 19:29:20 +02:00
Areek Zillur 1f153402ef unify encoding; minor fixes & clean up imports
Original commit: elastic/x-pack-elasticsearch@0d00a7b177
2014-10-22 12:17:13 -04:00
uboness 3d71356596 Fixes Transport Client that start up with shield in the classpath
Now a NOOP transport filter is bound by to the secured transport service in a transport client

Fixes elastic/elasticsearch#165

Original commit: elastic/x-pack-elasticsearch@7268bd445c
2014-10-22 06:18:59 +02:00
Areek Zillur 3c551ab6d9 remove jackson as dep
Original commit: elastic/x-pack-elasticsearch@09418be764
2014-10-21 23:08:01 -04:00
Areek Zillur e59cf4538a major refactor: make ESLicense more consistent; restructure ESLicenseManager
Original commit: elastic/x-pack-elasticsearch@cb60bfb539
2014-10-21 23:05:29 -04:00
Paul Echeverri afbb81fe53 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@83e163e463
2014-10-21 12:47:00 -07:00
Paul Echeverri 45858f33c5 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@31b0cf72db
2014-10-21 12:27:50 -07:00
Paul Echeverri 59e66bd373 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@453d353111
2014-10-21 12:26:55 -07:00
Suyog Rao ce6646df2b Fix typo in esusers help description
Closes elastic/elasticsearch#222

Original commit: elastic/x-pack-elasticsearch@6c513be2aa
2014-10-20 22:44:06 -07:00
Paul Echeverri 21dfc7bfed Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@f7a6f816b8
2014-10-20 13:47:26 -07:00
Areek Zillur b9d92bae5a reformat code
Original commit: elastic/x-pack-elasticsearch@9df9af2804
2014-10-20 15:45:01 -04:00
Areek Zillur 1964ebc6f2 Consumer Plugin integration tests; Represent feature as string; proper handling of trial licenses
Original commit: elastic/x-pack-elasticsearch@d86f98a435
2014-10-20 15:42:23 -04:00
Igor Motov 9f84847681 First round of refactoring
ESLicenceManager is no longer a static singleton

Original commit: elastic/x-pack-elasticsearch@3e46f315a1
2014-10-20 11:06:06 -04:00
c-a-m 229c9c6c7d Truststore not needed when client auth is off
With this change the truststore is loaded only if client-auth is turned on.  This is causing problems
because we never expect the http endpoint to have client auth, but it still requires us to have a truststore

Fixes https://github.com/elasticsearch/elasticsearch-shield/issues/221

Original commit: elastic/x-pack-elasticsearch@40e2dc4de6
2014-10-17 18:24:16 -07:00
c-a-m 91bbc5b2ea Fixes default ldap group to role mapping file
Description: This fixes the name of the default file for group to role mapping.  It was missing the extension

Fixes https://github.com/elasticsearch/elasticsearch-shield/issues/223

Original commit: elastic/x-pack-elasticsearch@9ffcafd41e
2014-10-17 18:11:51 -07:00
uboness 836540455a Added additional Hasher implementations
- `BCRYPT`, `MD5`, `SHA1`, `SHA2`,
 - Also removed the support for bcrypt minor version y (i.e. $2y$) as it's not supported by our BCrypt implementation

Original commit: elastic/x-pack-elasticsearch@12cf024a59
2014-10-17 16:40:06 -07:00
Paul Echeverri 8b024befbf Merge branch 'doc-feedback' of https://github.com/palecur/elasticsearch-shield into doc-feedback
Conflicts:
	docs/structured/01-introduction.asciidoc
	docs/structured/02-architecture.asciidoc
	docs/structured/03-getting-started.asciidoc
	docs/structured/appendices/01-reference.asciidoc
	docs/structured/authentication/ldap.asciidoc
	docs/structured/authentication/message-authentication.asciidoc

Original commit: elastic/x-pack-elasticsearch@f0b7511ec7
2014-10-17 13:40:27 -07:00
Areek Zillur 8367fc43d5 minor fix
Original commit: elastic/x-pack-elasticsearch@9552d8fbb1
2014-10-17 10:58:24 -04:00
Areek Zillur 0b72572711 minor fixes
Original commit: elastic/x-pack-elasticsearch@59fcb1728f
2014-10-17 10:35:17 -04:00