From d4c20f040250ab3e5fef6d43fe5f06af9ada504a Mon Sep 17 00:00:00 2001 From: aetter Date: Tue, 28 Sep 2021 15:33:48 -0700 Subject: [PATCH] Re-add LDAP Docker example Update Docker Compose file --- _security-plugin/configuration/ldap.md | 6 ++---- assets/examples/ldap-example.zip | Bin 4169 -> 5923 bytes 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/_security-plugin/configuration/ldap.md b/_security-plugin/configuration/ldap.md index 8a69ba2a..ff8da4eb 100755 --- a/_security-plugin/configuration/ldap.md +++ b/_security-plugin/configuration/ldap.md @@ -11,7 +11,6 @@ Active Directory and LDAP can be used for both authentication and authorization In most cases, you want to configure both authentication and authorization. You can also use authentication only and map the users retrieved from LDAP directly to security plugin roles. -{% comment %} ## Docker example @@ -38,7 +37,7 @@ We provide a fully functional example that can help you understand how to use an 1. Index a document as `psantos`: ```bash - curl -XPUT https://localhost:9200/new-index/_doc/1 -H 'Content-Type: application/json' -d '{"title": "Spirited Away"}' -u psantos:password -k + curl -XPUT 'https://localhost:9200/new-index/_doc/1' -H 'Content-Type: application/json' -d '{"title": "Spirited Away"}' -u 'psantos:password' -k ``` If you try the same request as `jroe`, it fails. The `Developers` group is mapped to the `readall`, `manage_snapshots`, and `kibana_user` roles and has no write permissions. @@ -46,14 +45,13 @@ We provide a fully functional example that can help you understand how to use an 1. Search for the document as `jroe`: ```bash - curl -XGET https://localhost:9200/new-index/_search?pretty -u jroe:password -k + curl -XGET 'https://localhost:9200/new-index/_search?pretty' -u 'jroe:password' -k ``` This request succeeds, because the `Developers` group is mapped to the `readall` role. 1. If you want to examine the contents of the various containers, run `docker ps` to find the container ID and then `docker exec -it /bin/bash`. -{% endcomment %} ## Connection settings diff --git a/assets/examples/ldap-example.zip b/assets/examples/ldap-example.zip index 29a2ee81eb2abae937945bedee0b8ae9c57be31f..acecc3e5c22266fc304efc68f20a275c6ac8f468 100644 GIT binary patch literal 5923 zcmdT|c{tR4_nyW!_E839DUq_Tr6LB|#x}OH&)D~EY^B85vNx2hWgEMceR)t6Le`S9 z)@ZROMd6{}e7&zH`B|>#&-b{-muu!a=X0NPpEKwFAk|1n89{)NdrRwX{PEvkw4h@k zCo6L|LF+5#&TdZD!uoo&Ad1vzU31_?h}SjuxvmUG_84nRPgl%UAtx()n+?a9>|V2b|8>62ap#>e%^(rRmM^P}+<%dkO|nyl zx18V^jk3EQ5W`VIof@Vn(j%B2}<~L9&9ltiRtW9b9P7loISLh~*Ud?zt~|YT{;P!yiYAI6&C)EP9%*cS|(P z(iUxjp4U*nG*5pi3>g5%v5=gEvL5&3ni5 zIW?^?!2pT7U2xeT+2Bs%<+!8-DxGf}1h5?LI^qV#+acEM##J*128E0UEH)&gA}J%k zL@}Z!qrzX#K|8aeEHbMmDdTooaY|X??c(sll#t@=nw0$F!mQY`tc>jJvhYaWAZ&bg z_6Z0HF%J}w_-?`@JP|p7{&!wZUZ>I8q%tWB2*k9V%0d@)QMyDbTW_$KZ&KUz{=HGN zN5h_|Z7iNml%i`AfnKzYrdE>>;vI1Vxu6x>D62tam(zdrat<<-GU^~t1YV6>ycFSY z&!z=>GhdAgpgGnUEiM!HhAFuCOc!S`R6fklveTXs&+ zzamNrD>UdQ4E_S7`~KLI0Ftwz!K89YFcH%U;7k+{>aZtgPZLi8oaFZzKUlW^GlYhS zd_TIqa`rBs))*IaCzO|mHO52es2~>agCZmaA@ck>1NVvAv$)aF zBv!}+WF$WXEmLz;x6gblV)`OI=Cc+*&_ppHg3~vl5r2C3h7EyW^+~hxt!W~&3mZpj ziaw*%0v94}CZN-{b@rR*k4Nnb*5gjcGnfkJO}r}WH8T%z=HK*scD<)GTSi4x3WvUC zn1Cn8k$r-&4@T+nT+LEu6~`BZes%tv@1+Qxv?6v~X&Hs#u)3OF->th4C}5DMXe48% z`+0=tp}C13W&UdIlCm}!s5SY&tbSzbWSh>r_fG=ryZH+ibk8;IosGdIK^7H*v+DF zMtAIHX9#vKHWMF;ra#S0;T;K6HW`lgb2bIjQ+6L_?Ck6(od_1~|KX?*OVn~G5g&l@ zH~MA2x_>x|1A{;u+c}DHb+YzAIh(t=*}K^OL(#jkJ-bmfKDOTFsR&K5&jqrKl7NJm zQLyK%I3!9@D$p8%vpVUwI@Kx{@rtZZt=#!1Pa?8r6fsMWKM+yJzWR;FV+O1c^odV600N22J4mw~W&w!lnoNb^E zynAqM@5KKPQY~rAIQ&Qf0x@r=nx(6Yjs0(qVRj#bv$_{theV(wYy1!`K_rR&U*%wF zQV5Pt@Exa=`|<8G=2LkKn)dfHf7Rm~1m0@adQu`ao{fxutE^vIF7j@+j%49Yt< zidQC@NRkZ4qPgbUU8b9A^qhy>sq`a(BV!@r!Tw9>WQ}!=xsvrcJ0ixjCtl63$<|nlom0PnwMozKpi&aM3w^ZJxvarY=9ZlqT4d z@>777Fa@3ON@x`lB{{n$o-=ZvqiHnvp-)xHz_dyw`n)U6=gH|e4mSSl&&&C7!Qr11 zL}n_!3iVE@KMqunBvdNb(+k*3;<^PKoDmo9i<{&lxvY7cTeZ?`AN0lcpIJMvFdc>_ zSss^ieEsuK!Jwr~XmyHdK6Y8TT`qP+<8}LJNwCP%4}Q-Jk$F8uk}NCQ!s?xpES$;s zRgL4{ra%1{qK3aNlH;x|Wq5&S9t0Y2^*y4$O0|q(P&Y0fY@FDmwva{R+a%Rc6^T( z+l6rdgT0mO`&&A#5cBc>Rt+mxOGj&rprxy`o2!TQKXcrexGkFyU%+$Qw)jAANOK4d z_3OSIWu#w+PJxC+oZu)5yvTq%HM!VkG^1K)Ej%}O9@@}Q)}oqouOUwW$FyHwHr61hbQC-h~0)^pBo-Nb@$vD$}Y7(t5b*6 zg?j`PA`^2%D!UqDOPd;DKB?h)V!x7B(yMe_E4*JHz7%>e`%H)4#LV2QB&zpZA{qT` zb2a==U=YUl_2}Mn#h;j5v?o^mZY7RTm7~8H8phe0u06H8enb3%77t3Ouj7MqTujSY zPHv;H{jJrT2PZx@KE9rA7WbqB0oFaIvV?q$DkTd78&cktCCIS6DCeeHfRP4%DX~8* z^OMw<+*_3*K}5CK5fc9{PU^4YMU9VFNFVurvVg2ODm1E(ik-SJ4)z(p+1eVEp*)xocFia9S=8XJ+?hD?VWw5Sh1N$t>s=UW#_3=dL`)SvMgc@^hTu`Jy&)X}v-(UlqhrMdGp1~K&| zp2MovguD}T0$+}qINsHa2}*j#C($u^_vNBT`EmK!Z-xU<@-!`rl?RV+2ANAcSq;_5 zKJ1EfPfj)UuUBnt^IY+eI49LfmGfzW%BAWl&*!$c6Q8DhR{VTr@|j=puNPx9r{|~{ zm4=ifvlizwZNy?>MK8E)CYJ`4rh0w7lw|nZ?I;`%dqqw9htV2nl6v+UGiB4~tv%FX zbCUOl9N}Q6wOFZt@%*R7Oz!eC)e8fWy>~7x-Mv04qvhB#GMzu*$oy9G*0o>6u|feE z<)l+3B>{new)#D0wl>@&;+WZMYuu;z{?)i~XD12~R+cbu3@4`?l1HT#e2fXM+Y|;( zKy-EYs|lQXuG-(BDj>uwsHvf1D%%;s^)wa9dL*WCLKig*2CWg&G zTa`3$kFaU8*!2UTUAOx^V(w6*tuXaG!P^(NmP+dgsk z0STy|t(!Wael`t{^(1!uA0YQ$$@jqs#M+7x*!?#Rk0n5M$GCUceINq+(AG@}*t$0j zj~%1j262~_Xdi4qkgeE&rEAmhSVfxMvF#FXA5g&b-8z^5B&QVZHc7azkIGWKCG(b%$tgc7pvTQnXfBE*Cu=7|`Z7(+wJ_*sWYnIe10mWnJT zl_j*$$dVPf}4u1I*Ma?TH&B8dQ z0{2}pR7`rdYg$g$9`uSJPz@IM4G6@!1-c~_*12O(1iD=&)lq7ab7?dhP?4KV%Bdhz za!D0HDVbDpr=*k|n|!CShD4Di#)>#{bFqUQZJ}I*_&Prt(=nEF|9dePhzoR%`C{h6 zk1+vEa~vQb<0xJ~<(J0=rS=^ss>2hOB9nwiRIjz(rRd3YKTwpz=DyCQ^~#nLGwVo= z^$5ocVb&M6HVmh?(Oscs2QZoyg@y^zA>NMMXyeioZ1M?{W)m0_FEh;H@_2kfF3sV!Gr+G+ND+9uRDrh58 zxvihc=eS777==QNu z{jwz7`%AfIGabqX!#BTH)c6`H&U;Jt3tS7V=EtG;I`*~@(nRLiCa>t5BpxyMQ2dnL z*O^kCss8x-X+L+-1scv8J~-jBb~;Q-#LqYGjnle`e{FB_qo_xnY7MVEC(;MS=kQ8I z5dE6&R!O~6uGg$5yk+bg;`^O72rCBVI~{y_Y#`7CQ~rrT?5-FT1IbWjf(bJQrc7bY zzr-Me(i;2>C1AD`-H~)g?sU|uD!Ouqv-Z$AB!u0kdVmqbrhuDkLPwe2xv5=qen88l zm@M=VjEaE-8e3c-E5KSCjIoU?71~5M#Rtn3ByH(lH0aRE^7x@Z7xS2y*;kn8jRksu^jFj1 zt*$vk586b9Q3ag)A|q$Gbc7cw*&gq}2Sv~0HfIJ5Q?{xmXQQok;|!fE+eepZN0<2P zbzF#WIt$GxyXQ&}CX&VA-DrC3LUR@h0wF*s;EISO0nEhmr~HEHf|LD?0d;|v4OfhQ ztQifWCQy=?kvaxK^W*FHuh&)&i9_G`7A9{lz564uKRk;kE93bKYNXVYjc?eR_hn(% z!5ubAI!7?Yb=|`q=pe@}kyt6nr|5?DH$5K`=yykw%Q+yHo z>vFM$qujmn*#x{CUMJ+Orq(0Um!^OV1?mgys{(umF*{++_{J1po-ZqRL-HTzmt)tb zZ}c>St+Ov(=6mLeToNk(w0huqtzt0Yt+SVPb8IyB#961g<+RThBu*t;rB8&-2LFtd zvWK(7;vXzHkk9wgF*O|pj@nWyhuWWw+pzZ-qWO~MgC7uFl)Hr5z`%xdrAeVl^QgC& zg}&xtx>vk^+M+ADr!tpbc@T86hLbYW?V=8N+J9wWdYq8Nt{k2$CEh-L#>&+;^-V&t zXL#`!fyWWo7dche&O)CKrKsH(ZBS-6dpYZ(5yAGnHP0+Mr7&popiGnE4H-8a-Tl7_ z7s<;_c`)mOlER_w(rlGx$DvTfWHMrVJqIDEvk840ui~F5j}%&ivT_Q(6p+Nu%qLdn z{8OQ$yK?G1faX0wSYc+m4GAYDs8N{-w) z<(ocwGDuL?`B*{q7oN3y2oc%+IsQ{(uKqq9a)q8w>8RgqgKN`@N2o%#xXFrTrox*s zJ0Bi)KkkU6viGKZG(`ssx0u!JQSp&D`#~2k(Zby$5|Ky7XnYsP_ad9IZhBu~FWJfH zTxXTAZ|@@R8g0Vt{OhhLENX;^gQXuKRCK!r+uC5H%eotp4|0rn2!Shkrx}`7h5S3KSEHqWz>}OW<;Nwc+~nFHokL#HoXq_&9}COL}Ja zYta^d@9zzYVbg~;->$LAhAqDAC5@%&H3!&aY-{GQ4QxNvcvc6oDM9}l zuBTrRnn6>Zgk9%fB9!u6P9`-T@hi9RrDj4BeBdb>A@9_}EJRy7?hSXOj2_KkV>Hju!Q|Zg}SWn?d(g?bb?>QDWq%Z_d)Ygkw1oC z_pgXXQLJDL)rQtuc)J+yj@4bEc($8o*3i6Q(xP>4*Mx`sG&YKyK81I(b!YUPY*?!! z9`DuFX*^bhv*~WLZONI59xUsWo3a&72p%^n3(o=ENLVG03r&O+tSJg@VCa(cdbspz z{z63MKyp+DA@~O0i{{T>d-)SK=u+d$Ub;JnsjzM9&bMHX&IN<>IDN4csYOP+;oV^X zr_u7+&|t2C<_?`|wo|2p=B0|Zc@aN>ms4rbTcWlfzEAc#o8ezqUh z{KFXQU)hb)zkST+0s$Ca`M-f;0rtZf>zD@U^7tvHi7KWj|H~K$3}_WS^!KSB@G?XZ Qd@Q=>&JF^-gRwmO6GpYbl>h($