Modified pom.xml to do static analysis without Jenkins
'mvn -DskipTests=true -Pstatic clean compile site' to start analysis
The reports are at target/site/project-reports.html.
Original commit: elastic/x-pack-elasticsearch@ddec28e8d0
Added `ShieldRestTests` that extends `ElasticsearchRestTests` allowing to run REST tests against es+shield. Tests won't be run by default as they require additional configuration (e.g. rest tests and spec location on file system). They can be activated via `-Dtests.rest=true`. Rest tests and spec location can be provided as follows:
```
-Dtests.rest.spec=/path/to/elasticsearch/rest-api-spec/api -Dtests.rest.suite=/path/to/elasticsearch/master/rest-api-spec/test
```
Some tests need to be blacklisted at this moment as follows:
```
-Dtests.rest.blacklist=scroll/*/*,mpercolate/*/*,msearch/*/*
```
Closeselastic/elasticsearch#79
Original commit: elastic/x-pack-elasticsearch@6f3e72dd87
The automaton support changed quite a bit in 4.10 which required determinizing all the automatons used in the Privilege
Original commit: elastic/x-pack-elasticsearch@96a82f0f5d
The LDAP realm is a bind-per-user strategy and the group lookup strategy is configurable.
If a role mapping file is not defined, groups names are taken as role names.
Special configuration for active directory simplifies the configuration.
Integration Tests are using an embedded apache DS LDAP Server.
Original commit: elastic/x-pack-elasticsearch@ce20e1b3be
- Also added an overloaded version of the AuthenticationService#token method that accepts a default token and that doesn't thrown an authentication exception
- Added AuditTrail#authenticationFailed method at a higher level than the realm version. Now the realm authc failure will only be logged when trace is enabled. With this change, the audit trail logging is more consistent in its terminology (anonymous is now logged when no auth token is found)
- extended the level of audit trail logging tuning (now using all logging levels, incl. error & warn)
- Added tests for audit trails
- Added tests for authentication service
- Added mockito as a test lib (will serve as our mocking framework)
Original commit: elastic/x-pack-elasticsearch@8d21ab7484
Changed the scope of the guava dependency to prevent wrong imports and always use the shaded ones.
This required a change in the forbidden API signatures, as that tool alwyas try load the class and fail
if the class cannot be found.
Original commit: elastic/x-pack-elasticsearch@90a245423a
There are four modules:
- authc: realm based authentication module
- authz: role based privileges & permissions authorization module
- n2n: node to node authentication module (incl. IP filtering auth)
- audit: audit trail module (only includes log file audit trails for now)
Original commit: elastic/x-pack-elasticsearch@b1ec9e2923
Alexander Reelsen
Bill Hwang
javanna
Michael McCandless
uboness
c-a-m