OpenSearch/x-pack/plugin/ilm
Albert Zaharovits 480561dbc3
Store and use only internal security headers (#66365)
For async searches (EQL included) the client's request headers were
erroneously stored in the .tasks index. This might expose the requesting
client's HTTP Authorization header. This PR fixes that by employing the
usual approach to store only the security-internal headers, which carry
the authentication result, instead of the original Authorization header,
which is commonly utilized to redo authentication for scheduled tasks.
2020-12-17 23:40:55 +02:00
..
qa Tests: fix testMoveToStepRereadsPolicy flakiness (#64466) (#64593) 2020-11-04 15:04:01 +00:00
src Store and use only internal security headers (#66365) 2020-12-17 23:40:55 +02:00
build.gradle [7.x] Remove integTest task from PluginBuildPlugin (#61879) (#62135) 2020-09-09 14:25:41 -05:00