Commit Graph

6318 Commits

Author SHA1 Message Date
uboness 3ab8f57f34 [Fix] - Return 401 on any authentication error
Fixes a bug where the wrong exception and wrong error status code (500) were returned when the user sent the wrong username/password. This fixes this beahviour to return an `AuhthenticationException` with a 401 status code.

Fixes elastic/elasticsearch#271

Original commit: elastic/x-pack-elasticsearch@0a120caeae
2014-10-28 14:39:49 +01:00
Areek Zillur 9947dab389 explicit UTC date parsing
Original commit: elastic/x-pack-elasticsearch@80a3f01ab1
2014-10-27 23:35:20 -04:00
Igor Motov 351288b3dc Remove LicenseSpecs
Original commit: elastic/x-pack-elasticsearch@ccdbe41261
2014-10-27 22:38:39 -04:00
Areek Zillur 5a63b6bb8b prefix endpoints with _
Original commit: elastic/x-pack-elasticsearch@b300803aa5
2014-10-27 22:20:15 -04:00
Areek Zillur 021974fb22 Make Type & SubscriptionType strings instead of enums
Original commit: elastic/x-pack-elasticsearch@e48ebc447d
2014-10-27 21:58:00 -04:00
Areek Zillur a82a0a4e6a licensesService cleanup
Original commit: elastic/x-pack-elasticsearch@a1c136d3bb
2014-10-27 21:37:16 -04:00
Areek Zillur 79f430ebaf remove comment
Original commit: elastic/x-pack-elasticsearch@e55d3bebb4
2014-10-27 21:35:14 -04:00
Igor Motov 61b1750058 Refactor license serialization/deserialization
Original commit: elastic/x-pack-elasticsearch@ac0bb4a147
2014-10-27 20:04:09 -04:00
Areek Zillur a57164ec67 REFACTOR: convert internal license feature to json blob
Original commit: elastic/x-pack-elasticsearch@21d99b2219
2014-10-27 17:57:52 -04:00
Paul Echeverri 1f540dbc50 Adds intro text to Clients page, general fixes elsewhere
Original commit: elastic/x-pack-elasticsearch@6a8bd1a4a2
2014-10-27 13:30:28 -07:00
uboness 4c2df8ff3e Cleaned up roles.xml
Also updated the default roles test (to include marvel)

Original commit: elastic/x-pack-elasticsearch@5fb320273f
2014-10-27 21:26:49 +01:00
uboness c7e927734c Fixed a bug in Cluster privileges where resolve failed for template APIs
We now moved from the logic of checking `indices:` and `cluster:` prefixes to determine whether an action is an indices or a cluster action... instead we use the index/cluster privielge `all` privilege to determine that (which is more accurate in the context of shield, as it enables us to move actions between the two categories while keeping their logical name intact)

Also updated the docs to reflect that template related actions are infact cluster actions.

Original commit: elastic/x-pack-elasticsearch@8027334105
2014-10-27 19:31:21 +01:00
Paul Echeverri 647e545c79 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/public/02-architecture.asciidoc
	docs/public/04-authorization.asciidoc
	docs/public/07-securing-nodes.asciidoc
	docs/public/clients/kibana.asciidoc
	docs/public/clients/logstash.asciidoc
	docs/public/clients/marvel.asciidoc

Original commit: elastic/x-pack-elasticsearch@57efef1bf6
2014-10-27 11:16:58 -07:00
Areek Zillur 7f11de275f minor fix: LicenseSpecs
Original commit: elastic/x-pack-elasticsearch@5c9e0b3ad0
2014-10-27 13:18:36 -04:00
uboness 25d21570d6 Better shield user configuration
Added `shield.user` setting so that the clients won't need to go through the unnatural and tedious process of configuring the `Authorization` header directly (that also requires the user to applicat the base64(username:password) logic.

Now, the user can just set the following settings to bind a user to the client:

```yaml
shield.user: 'username:password'
```

Original commit: elastic/x-pack-elasticsearch@94be3abd92
2014-10-27 18:07:36 +01:00
Areek Zillur d1afd77bde nuked LicenseSpec; merge to ESLicense
Original commit: elastic/x-pack-elasticsearch@f7dc1b7c9c
2014-10-27 12:49:18 -04:00
Areek Zillur 93607c8403 remove trial package
Original commit: elastic/x-pack-elasticsearch@0b194a31a1
2014-10-27 11:30:53 -04:00
Areek Zillur c5c6de5864 Changes:
- nuked TrailLicense
 - Move license expiry enforcement logic to LicensesService
 - clean up ESLicenseManager
 - make notification scheduling logic as lazy as possible
 - make sure to notify from cluster changed only if needed
 - added tests for notification

Original commit: elastic/x-pack-elasticsearch@e31b682f41
2014-10-27 11:27:38 -04:00
Igor Motov b480d1f23c Convert LicenseVerificationTests to use date math
Original commit: elastic/x-pack-elasticsearch@481b9eb821
2014-10-27 10:34:44 -04:00
uboness 99ddffe510 esusers tool - added warnings when using unknown roles
When assigning roles to users, we now show a warning if the assigned roles don't exist.

Closes elastic/elasticsearch#209

Original commit: elastic/x-pack-elasticsearch@c2e9bf03eb
2014-10-26 04:11:27 +01:00
Martijn van Groningen a23487cd38 Fixed build by:
* Using cluster state listener to clear alerts when .alerts index is removed. (when running on multiple nodes the .alerts index is scattered so indices listener doesn't work).
* Remove the starting / loading thread and move the initial loading to cluster state listener.

Original commit: elastic/x-pack-elasticsearch@b8f41db2ea
2014-10-25 23:37:05 +02:00
uboness 33b89301fb Enforces cluster permission checks for all cluster actions
Enforcing means that cluster actions will not be evaluated (as a fallback) by Index permissions. This enables us to move what typically would be considered indices actions and put them under the cluster privileges (a good example for this are all the template management APIs... we want to enforce cluster admin privileges over them).

Original commit: elastic/x-pack-elasticsearch@ee870954f2
2014-10-25 23:17:18 +02:00
Paul Echeverri 4dc8a524f5 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/public/clients/java.asciidoc

Original commit: elastic/x-pack-elasticsearch@6478165c72
2014-10-24 15:10:26 -07:00
Areek Zillur 41e9d5db6d added node tests
Original commit: elastic/x-pack-elasticsearch@c3957ea221
2014-10-24 16:35:39 -04:00
Areek Zillur e98336872c fix cluster license propagation logic; add logging
Original commit: elastic/x-pack-elasticsearch@854197169f
2014-10-24 14:13:23 -04:00
Bill Hwang 266a53d913 [CI] Add jacoco coverage profile
Original commit: elastic/x-pack-elasticsearch@1f9a665e8f
2014-10-24 10:16:03 -07:00
Martijn van Groningen 449edcda1d * Throw a understandle error if an alert action doesn't exist
* Moved over to a copy on write map instead of a hash map that is protected by synchronized blocks

Original commit: elastic/x-pack-elasticsearch@285515d585
2014-10-24 18:50:47 +02:00
Alexander Reelsen d608fe2b60 Build: Enable resource filtering to include version
Closes elastic/elasticsearch#200

Original commit: elastic/x-pack-elasticsearch@2cbf0cecf6
2014-10-24 09:37:43 -07:00
Martijn van Groningen 39182616c7 Added slf4j log4j bindings for quartz :(
Original commit: elastic/x-pack-elasticsearch@2bc5bda9ed
2014-10-24 18:18:42 +02:00
Areek Zillur aa4720a2c8 Update License GET API; minor cleanup
Original commit: elastic/x-pack-elasticsearch@4d4d84caec
2014-10-24 12:03:11 -04:00
Martijn van Groningen 1a32243781 Changes to AlertManager:
* Made use of IndicesLifecycle, to catch when the .alerts index gets deleted, so we can clear the alerts
* Moved to concurrent hashmap in favour over normal hashmap with synchronized blocks

Original commit: elastic/x-pack-elasticsearch@5599d01c78
2014-10-24 16:51:12 +02:00
Martijn van Groningen 16a7991d6d Rename and move the plugin class.
Original commit: elastic/x-pack-elasticsearch@b6f7a0490e
2014-10-24 14:31:20 +02:00
Brian Murphy 686f83ebb8 Merge pull request elastic/elasticsearch#14 from GaelTadh/change-packages
Alerting: Split alerting into packages

Original commit: elastic/x-pack-elasticsearch@68f2b86cb0
2014-10-24 13:22:15 +01:00
Brian Murphy ac979c880d Alerting : rename alerting package to alerts and fix test.
This commit renames the alerting package to alerts and will create the
alerts index on addAlert if needed.

Original commit: elastic/x-pack-elasticsearch@7cd691bd9b
2014-10-24 13:01:45 +01:00
Brian Murphy db9fae8021 Alerting: Split alerting into packages
This commit adds separate packages for actions,triggers,rest, and the scheduler.

Original commit: elastic/x-pack-elasticsearch@e104bbc521
2014-10-24 12:32:18 +01:00
Martijn van Groningen 9b7b2214c0 Removed duplicate dependency
Original commit: elastic/x-pack-elasticsearch@58a9068b61
2014-10-24 13:13:59 +02:00
Martijn van Groningen 96fe2d9ddf silly me
Original commit: elastic/x-pack-elasticsearch@b24829745d
2014-10-24 13:09:28 +02:00
Martijn van Groningen 6c66ca5fdc Build: Updated the groupId and artifactId
Original commit: elastic/x-pack-elasticsearch@326d53f3ec
2014-10-24 13:07:36 +02:00
Martijn van Groningen 75ef2dc3b3 Initial step to running alerts on master and added a very simple test.
Original commit: elastic/x-pack-elasticsearch@480f6bd44b
2014-10-24 12:49:33 +02:00
Igor Motov 1a5f72c28d Packaging system cleanup
Original commit: elastic/x-pack-elasticsearch@9a8b2b7158
2014-10-23 22:02:26 -04:00
Areek Zillur ceaefcb2c8 Initial node level tests; minor cleanup
Original commit: elastic/x-pack-elasticsearch@a917460b3c
2014-10-23 21:37:30 -04:00
Alexander Reelsen 2f3fe95f7e esvm: Fix roles configuration used by esvm
Original commit: elastic/x-pack-elasticsearch@7a25eff61c
2014-10-23 14:36:49 -07:00
Paul Echeverri b3789a74e4 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Conflicts:
	docs/public/04-authorization.asciidoc
	docs/public/clients/logstash.asciidoc

Original commit: elastic/x-pack-elasticsearch@699aa52379
2014-10-23 14:01:41 -07:00
Areek Zillur 941a440046 minor chagne
Original commit: elastic/x-pack-elasticsearch@b7306dc60a
2014-10-23 15:42:45 -04:00
Areek Zillur 28bc28e30d LicensesClientService.register works even if there is no master; LicensesManagerService.licenses() returns
one appropriate license per registered feature

Original commit: elastic/x-pack-elasticsearch@4d3ac103d6
2014-10-23 15:37:58 -04:00
Alexander Reelsen a52993db78 esvm: Added user configurations to make esvm usable again
Also added a logstash configuration for simple performance
testing (useful for comparing different hash functions)

Original commit: elastic/x-pack-elasticsearch@c9f08fbb12
2014-10-23 10:34:04 -07:00
uboness a287863ab0 Added cluster & indices monitoring privileges to System
This is required for marvel agent to collect its data.

Closes elastic/elasticsearch#137

Original commit: elastic/x-pack-elasticsearch@c1ed58aafb
2014-10-23 19:19:50 +02:00
uboness b7dac66c8a Changed the cached hashing algorithm for cached realms
Now the passwords are hashed in-memory using SHA2 by default (instead of original bcrypt). Also, it's now possible to configure the in-memory hashing algorithm.

Original commit: elastic/x-pack-elasticsearch@e2d1b3116b
2014-10-23 19:15:31 +02:00
uboness 521ebe4672 Change the way patterns are resolved in roles.yml
Now, there are two types of supported patters:

- wildcards (default) - simple wildcard match where `*` indicates zero or more characters and `?` indicates a single character (`\` can be used as an escape charachter)
- regular expressions - can be "enabled" by wrapping the pattern in `/` (e.g. `/foo.*/`). The regex syntax is based on lucene's regex syntax (not Java's Pattern).

Closes elastic/elasticsearch#253

Original commit: elastic/x-pack-elasticsearch@edd912122d
2014-10-23 19:04:01 +02:00
Paul Echeverri d46b13e4f5 Merge branch 'master' of https://github.com/elasticsearch/elasticsearch-shield into doc-feedback
Original commit: elastic/x-pack-elasticsearch@9d1e4019e3
2014-10-23 09:21:35 -07:00