Commit Graph

28 Commits

Author SHA1 Message Date
javanna 8320be7b09 Build: add scm info to pom.xml
Build number maven plugin requires this info to retrieve the build number and make it available as a variable, which is then published through RestShieldInfoAction, which is currently null. This commit makes sure the build number gets currently published.

Closes elastic/elasticsearch#428

Original commit: elastic/x-pack-elasticsearch@0a2bc7646b
2014-12-05 12:42:44 +01:00
javanna 02c3601ac5 Build: fix dependencies order in pom
tests-framework.jar must be before lucene-core.jar

Original commit: elastic/x-pack-elasticsearch@7aa48f737a
2014-12-05 08:49:36 +01:00
javanna 093d9a901c Packaging: set es core as provided dependency
Also update the assembly configuration and the commons-codec version

Closes elastic/elasticsearch#423

Original commit: elastic/x-pack-elasticsearch@27e76c5307
2014-12-05 07:41:19 +01:00
uboness e646fd5edc Integration with license plugin
- Added a `LicenseService` to handle license feature enable/disable events
 - LicenseEventNotifier is responsible for notifying the license events to whatever registered listeners that are interested in them
 - In Shield, when a license is disabled for `shield` feature, we block all read operations (done in the `ShieldActionFilter`)
 - Added initial documentation around licensing

Closes elastic/elasticsearch#347

Original commit: elastic/x-pack-elasticsearch@6ba7a10cd4
2014-12-04 20:49:35 +01:00
javanna a995ed9cca [TEST] allow to configure tests.timezone and tests.locale
tests.timezone and tests.locale are values that gets randomized all the time (even without configuring them). They don't get printed yet out with shield failures as this was only recently added to es core, but it makes sense to get ready and allow to configure them for better test repeatability.

Also removed support for es.node.mode and es.node.local as we always use network since we test with unicast discovery only.

Original commit: elastic/x-pack-elasticsearch@d03fa0c162
2014-11-27 11:40:13 +01:00
Alexander Reelsen 2f4fb2cf48 Dependencies: Upgrade to Elasticsearch 1.4.0
* Configuring the transport pipeline has changed due to adding profiles in 1.4
* Lots of tests needed to be changed in order to not leave thread pools around
* ApacheDs leaves a thread lingering around, thus a ThreadLeakFilter needed to be added

Original commit: elastic/x-pack-elasticsearch@de35362fc4
2014-11-06 12:03:49 +01:00
Alexander Reelsen 4903852f48 Packaging: Include build information
Also added a ShieldBuild class to return

* Shield version
* Shield build hash
* Shield build timestamp

Also added a '/_shield' endpoint which returns those fields.

Original commit: elastic/x-pack-elasticsearch@38928d1ef6
2014-11-05 10:28:02 +01:00
Alexander Reelsen d608fe2b60 Build: Enable resource filtering to include version
Closes elastic/elasticsearch#200

Original commit: elastic/x-pack-elasticsearch@2cbf0cecf6
2014-10-24 09:37:43 -07:00
Bill Hwang 2a1ce81960 [CI] Added static analysis dependencies
Modified pom.xml to do static analysis without Jenkins

'mvn -DskipTests=true -Pstatic clean compile site' to start analysis
The reports are at target/site/project-reports.html.

Original commit: elastic/x-pack-elasticsearch@ddec28e8d0
2014-10-07 11:06:35 -06:00
javanna 5b1dd41f23 Move to elasticsearch-1.4.0.Beta1 (no snapshot)
Original commit: elastic/x-pack-elasticsearch@18c93bcae2
2014-10-02 15:42:21 +02:00
Michael McCandless 3b1ae0b593 Upgrade to Lucene 4.10.1
Original commit: elastic/x-pack-elasticsearch@31273b6769
2014-10-01 05:15:49 -04:00
Alexander Reelsen 2fbf4436aa Dependencies: Updating to elasticsearch 1.4.0.Beta1
Original commit: elastic/x-pack-elasticsearch@66cc907790
2014-10-01 11:11:33 +02:00
Michael McCandless d9d5cbeb32 upgrade to Lucene 4.10.1 snapshot
Original commit: elastic/x-pack-elasticsearch@d41ba71039
2014-09-24 16:35:42 -04:00
javanna 723725753a [TEST] Make it possible to run REST tests against es+shield
Added `ShieldRestTests` that extends `ElasticsearchRestTests` allowing to run REST tests against es+shield. Tests won't be run by default as they require additional configuration (e.g. rest tests and spec location on file system). They can be activated via `-Dtests.rest=true`. Rest tests and spec location can be provided as follows:

```
-Dtests.rest.spec=/path/to/elasticsearch/rest-api-spec/api -Dtests.rest.suite=/path/to/elasticsearch/master/rest-api-spec/test
```

Some tests need to be blacklisted at this moment as follows:

```
-Dtests.rest.blacklist=scroll/*/*,mpercolate/*/*,msearch/*/*
```

Closes elastic/elasticsearch#79

Original commit: elastic/x-pack-elasticsearch@6f3e72dd87
2014-09-19 17:08:17 +02:00
javanna fee5a30f7f Update es core version to 1.4.0.Beta-SNAPSHOT
Original commit: elastic/x-pack-elasticsearch@acd0ab0292
2014-09-15 15:46:24 +02:00
uboness f4b4075cfa Upgraded to Lucene 4.10 and fixed the build
The automaton support changed quite a bit in 4.10 which required determinizing all the automatons used in the Privilege

Original commit: elastic/x-pack-elasticsearch@96a82f0f5d
2014-09-06 15:41:22 +02:00
Bill Hwang 3ae67f3999 [BUILD] Added license check
1) Enforce license header check on source files
2) Add missing license header to existing sources

Original commit: elastic/x-pack-elasticsearch@da73e4f2b6
2014-09-02 15:54:05 -07:00
Bill Hwang 6b0ec94eab [CI] Add JaCoCo plug in dependencies
Add jacoco plug in depdencies to pom.xml, inside a profile.
This enables code coverage analysis

Original commit: elastic/x-pack-elasticsearch@eedf882368
2014-09-02 12:18:07 -07:00
c-a-m 9cd397727f LDAP: Implements an LDAP realm
The LDAP realm is a bind-per-user strategy and the group lookup strategy is configurable.
If a role mapping file is not defined, groups names are taken as role names.
Special configuration for active directory simplifies the configuration.

Integration Tests are using an embedded apache DS LDAP Server.

Original commit: elastic/x-pack-elasticsearch@ce20e1b3be
2014-08-25 15:36:31 -06:00
uboness 1f5f3f21f9 Changed the contract of AuthenticationService#token to throw an authentication exception when no token found
- Also added an overloaded version of the AuthenticationService#token method that accepts a default token and that doesn't thrown an authentication exception
- Added AuditTrail#authenticationFailed method at a higher level than the realm version. Now the realm authc failure will only be logged when trace is enabled. With this change, the audit trail logging is more consistent in its terminology (anonymous is now logged when no auth token is found)
- extended the level of audit trail logging tuning (now using all logging levels, incl. error & warn)
- Added tests for audit trails
- Added tests for authentication service
- Added mockito as a test lib (will serve as our mocking framework)

Original commit: elastic/x-pack-elasticsearch@8d21ab7484
2014-08-13 14:23:28 +02:00
uboness fe4571da43 Changed the version to 1.0.0-SNAPSHOT
Also added ShieldVersion to track version changes in the codebase

Original commit: elastic/x-pack-elasticsearch@3282329ee9
2014-08-12 13:34:46 +02:00
Alexander Reelsen 75cf637fed Build: Do not depend on guava in compile scope
Changed the scope of the guava dependency to prevent wrong imports and always use the shaded ones.
This required a change in the forbidden API signatures, as that tool alwyas try load the class and fail
if the class cannot be found.

Original commit: elastic/x-pack-elasticsearch@90a245423a
2014-08-08 12:57:28 +02:00
Alexander Reelsen d0673b0cfb Added SSL support in netty
This introduces the possibility to have all communications (transport
and HTTP) to run over SSL.

Original commit: elastic/x-pack-elasticsearch@c816a65f53
2014-07-22 11:41:17 +02:00
Alexander Reelsen bc0e233589 Removed netty dependency. Use shaded classes as imports
Original commit: elastic/x-pack-elasticsearch@46483aa44f
2014-07-22 11:20:41 +02:00
uboness 9b3160b7ac Added more unit tests, re-implemented & added tests for ESUsersTool
- Added CliTool infrastructure (should eventually be moved to core and removed from this repo)

Original commit: elastic/x-pack-elasticsearch@ba498163f5
2014-07-21 04:42:04 +02:00
uboness f727e29066 Initial commit of the infrastructure codebase for security
There are four modules:
 - authc: realm based authentication module
 - authz: role based privileges & permissions authorization module
 - n2n: node to node authentication module (incl. IP filtering auth)
 - audit: audit trail module (only includes log file audit trails for now)

Original commit: elastic/x-pack-elasticsearch@b1ec9e2923
2014-07-17 17:58:36 +02:00
Alexander Reelsen 5ede63f180 Dependencies: Upgraded to elasticsearch 1.4.0-SNAPSHOT
Original commit: elastic/x-pack-elasticsearch@ccec992aeb
2014-07-17 08:35:16 +02:00
Alexander Reelsen b201d726b2 Initial import
Original commit: elastic/x-pack-elasticsearch@d85c3afaf4
2014-07-07 11:30:28 +02:00