- Also added an overloaded version of the AuthenticationService#token method that accepts a default token and that doesn't thrown an authentication exception
- Added AuditTrail#authenticationFailed method at a higher level than the realm version. Now the realm authc failure will only be logged when trace is enabled. With this change, the audit trail logging is more consistent in its terminology (anonymous is now logged when no auth token is found)
- extended the level of audit trail logging tuning (now using all logging levels, incl. error & warn)
- Added tests for audit trails
- Added tests for authentication service
- Added mockito as a test lib (will serve as our mocking framework)
Original commit: elastic/x-pack-elasticsearch@8d21ab7484
Changed the scope of the guava dependency to prevent wrong imports and always use the shaded ones.
This required a change in the forbidden API signatures, as that tool alwyas try load the class and fail
if the class cannot be found.
Original commit: elastic/x-pack-elasticsearch@90a245423a
There are four modules:
- authc: realm based authentication module
- authz: role based privileges & permissions authorization module
- n2n: node to node authentication module (incl. IP filtering auth)
- audit: audit trail module (only includes log file audit trails for now)
Original commit: elastic/x-pack-elasticsearch@b1ec9e2923
uboness
Alexander Reelsen