honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/docs/java-rest/high-level/security
History
Albert Zaharovits 1ebee5bf9b
PKI realm authentication delegation (#45906) 
This commit introduces PKI realm delegation. This feature
supports the PKI authentication feature in Kibana.

In essence, this creates a new API endpoint which Kibana must
call to authenticate clients that use certificates in their TLS
connection to Kibana. The API call passes to Elasticsearch the client's
certificate chain. The response contains an access token to be further
used to authenticate as the client. The client's certificates are validated
by the PKI realms that have been explicitly configured to permit
certificates from the proxy (Kibana). The user calling the delegation
API must have the delegate_pki privilege.

Closes #34396
 		2019-08-27 14:42:46 +03:00
..
authenticate.asciidoc Add realm information for Authenticate API (#35648) 2018-11-27 23:35:42 +02:00
change-password.asciidoc Deprecate HLRC EmptyResponse used by security (#37540) 2019-01-23 22:13:16 -06:00
clear-realm-cache.asciidoc HLRC: add support for the clear realm cache API (#35163) 2018-11-06 13:12:24 -07:00
clear-roles-cache.asciidoc HLREST: Add Clear Roles Cache API (#34187) 2018-10-26 12:16:44 -06:00
create-api-key.asciidoc Add support for API keys to access Elasticsearch (#38291) 2019-02-05 14:21:57 +11:00
create-token.asciidoc HLRC: Add security Create Token API (#34791) 2018-10-29 17:17:56 +11:00
delegate-pki-authentication.asciidoc PKI realm authentication delegation (#45906) 2019-08-27 14:42:46 +03:00
delete-privileges.asciidoc Add Delete Privileges API to HLRC (#35454) 2018-11-14 14:04:30 +01:00
delete-role-mapping.asciidoc [HLRC] Add support for Delete role mapping API (#34531) 2018-10-19 13:46:26 +11:00
delete-role.asciidoc HLRC: Delete role API (#34620) 2018-10-20 12:11:36 +02:00
delete-user.asciidoc HLRC: Add delete user action (#35294) 2018-11-29 07:52:56 +01:00
disable-user.asciidoc Deprecate HLRC EmptyResponse used by security (#37540) 2019-01-23 22:13:16 -06:00
enable-user.asciidoc Deprecate HLRC EmptyResponse used by security (#37540) 2019-01-23 22:13:16 -06:00
get-api-key.asciidoc Add support for API keys to access Elasticsearch (#38291) 2019-02-05 14:21:57 +11:00
get-builtin-privileges.asciidoc Support builtin privileges in get privileges API (#43901) 2019-07-03 19:08:28 +10:00
get-certificates.asciidoc Fix get certificates HLRC API (#36198) 2018-12-06 12:44:51 +02:00
get-privileges.asciidoc [DOCS] Various spelling corrections (#37046) 2019-01-07 14:44:12 +01:00
get-role-mappings.asciidoc [HLRC] Add support for get role mappings API (#34637) 2018-10-29 10:12:13 +11:00
get-roles.asciidoc [DOCS] Various spelling corrections (#37046) 2019-01-07 14:44:12 +01:00
get-user-privileges.asciidoc HLRC: Implement get-user-privileges API (#36292) 2018-12-12 15:12:49 +11:00
get-users.asciidoc [DOCS] Various spelling corrections (#37046) 2019-01-07 14:44:12 +01:00
has-privileges.asciidoc HLRC: Add "_has_privileges" API to Security Client (#35479) 2018-11-16 13:52:06 +11:00
invalidate-api-key.asciidoc Add support for API keys to access Elasticsearch (#38291) 2019-02-05 14:21:57 +11:00
invalidate-token.asciidoc Invalidate Token API enhancements - HLRC (#36362) 2018-12-18 16:12:43 +02:00
put-privileges.asciidoc [HLRC] Add support for put privileges API (#35679) 2018-12-09 16:03:28 +11:00
put-role-mapping.asciidoc [HLRC] Add support for Delete role mapping API (#34531) 2018-10-19 13:46:26 +11:00
put-role.asciidoc [HLRC] Put Role (#36209) 2018-12-10 09:41:31 +02:00
put-user.asciidoc HLRC: Add ability to put user with a password hash (#35844) 2018-11-27 15:07:24 +11:00