In order to use the `esusers` tool and to crypt passwords, one needs
to have the jar packaged in the zip release. This adds the depdendency
to the assembly descriptor.
Original commit: elastic/x-pack-elasticsearch@82ae451892
- Also introduced an option to disable esusers auth (such that if users configured ldap, the audit trails won't get cluttered by failed authentication in esusers
- Moved the realms initialization to a dedicated Realms class
- Also introduce an option to completely disable shield while keeping the installed plugin and its settings
Original commit: elastic/x-pack-elasticsearch@b554ad5ba7
Now the UsernamePasswordToken, once resolved, is placed in the (new) request context as is (avoids the need to re-parse headers)
Original commit: elastic/x-pack-elasticsearch@f898a94157
Two new commands to the command line tool have been added
* esusers list: Allows to list all users with their roles or only a single one
* esusers roles: Allows to add or remove roles
Roles have been configured as to only consist of lowercase alphanumeric characters.
Original commit: elastic/x-pack-elasticsearch@6fcb4c56e4
Changed the scope of the guava dependency to prevent wrong imports and always use the shaded ones.
This required a change in the forbidden API signatures, as that tool alwyas try load the class and fail
if the class cannot be found.
Original commit: elastic/x-pack-elasticsearch@90a245423a
* Add config and bin directory to assembly
* Add main method to ESUsersTool so it starts
* Fix bin/esusers to actually start
* Fix ESUsersTool to write files in config/shield by default as each plugin has its own directory after installation
* Changed bin/ and config/ directory to reflect path after installation in ES
Original commit: elastic/x-pack-elasticsearch@7d4165e389
Used the existing infra structure to filter by ip in the netty pipeline
before any other handler is hit, in order to reject as soon as possible.
Right now the connection is simply closed.
The configuration is a simple YAML file which uses allow/deny rules
Original commit: elastic/x-pack-elasticsearch@000e44f8cc
Settings for SSL now all start with `shield` as well. Changed documentation and tests to reflect this.
Original commit: elastic/x-pack-elasticsearch@9dd3bc865e
There are four modules:
- authc: realm based authentication module
- authz: role based privileges & permissions authorization module
- n2n: node to node authentication module (incl. IP filtering auth)
- audit: audit trail module (only includes log file audit trails for now)
Original commit: elastic/x-pack-elasticsearch@b1ec9e2923
- Added "show_home" option to loader
- Added custom "Save" panel to navigation panels
- Changed "Marvel Dashboards" to "Dashboards"
- Added merge code to Navigation to merge saved dashboards into static
dashboards
- Splitting up functions into discrete files
- Removing findDashboardByLink() method
- Changed Experimental to Stable for all Marvel panels
Original commit: elastic/x-pack-elasticsearch@933f031beb
* feature/url_auto_complete:
Added url params for get_source. Removed trailing slash from _delete_doc
Implemented all 1.0 breaking changes
Added autocomplete support for url query strings parameters
Introduced a pattern based url auto complete backend
Original commit: elastic/x-pack-elasticsearch@96453b205a
Added Aggregations to KB
Lazy load API
Encapsulated ES calls into an es module. Introduced api_1_0 (currently a copy of api_0_90) .
Version is auto detected and set based on GET / .
Original commit: elastic/x-pack-elasticsearch@4ab37d459f