honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack
History
Tim Vernum 273c82d7c9
Add support for "authorization_realms" (#33262) 
Authorization Realms allow an authenticating realm to delegate the task
of constructing a User object (with name, roles, etc) to one or more
other realms.

E.g. A client could authenticate using PKI, but then delegate to an LDAP
realm. The LDAP realm performs a "lookup" by principal, and then does
regular role-mapping from the discovered user.

This commit includes:
- authorization_realm support in the pki, ldap, saml & kerberos realms
- docs for authorization_realms
- checks that there are no "authorization chains"
   (whereby "realm-a" delegates to "realm-b", but "realm-b" delegates to "realm-c")

Authorization realms is a platinum feature.
 		2018-08-31 13:25:27 +10:00
..
dev-tools
docs Add support for "authorization_realms" (#33262) 2018-08-31 13:25:27 +10:00
license-tools Build: Rework shadow plugin configuration (#32409) 2018-08-21 20:03:28 -04:00
plugin Add support for "authorization_realms" (#33262) 2018-08-31 13:25:27 +10:00
protocol Test fix - Graph HLRC tests needed another field adding to randomisation exception list 2018-08-29 15:19:26 +01:00
qa Add support for "authorization_realms" (#33262) 2018-08-31 13:25:27 +10:00
test Build: Rework shadow plugin configuration (#32409) 2018-08-21 20:03:28 -04:00
transport-client Run forbidden api checks with runtimeJavaVersion (#32947) 2018-08-22 09:05:22 +03:00
NOTICE.txt
README.md
build.gradle HLREST: Add x-pack-info API (#31870) 2018-07-08 11:03:56 -04:00

README.md

Elastic License Functionality

This directory tree contains files subject to the Elastic License. The files subject to the Elastic License are grouped in this directory to clearly separate them from files licensed under the Apache License 2.0.