Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docs for authorization_realms #32765

Merged
merged 4 commits into from
Aug 28, 2018
Merged

Docs for authorization_realms #32765

merged 4 commits into from
Aug 28, 2018

Conversation

tvernum
Copy link
Contributor

@tvernum tvernum commented Aug 10, 2018

Adds links to the "authorization_realms" (Delegating authorization to
another realm) section to each of the applicable realms, and adds the
"authorization_realms" setting to the list of realm settings.

Depends on: elastic/stack-docs#100

@tvernum
Docs for authorization_realms
79afa6d 
Adds links to the "authorization_realms" (Delegating authorization to
another realm) section to each of the applicable realms, and adds the
"authorization_realms" setting to the list of realm settings.
@tvernum tvernum added review :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC labels Aug 10, 2018
@tvernum tvernum requested review from bizybot and lcawl August 10, 2018 04:59
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs

@tvernum tvernum mentioned this pull request Aug 10, 2018
Merged
@tvernum
Copy link
Contributor Author

tvernum commented Aug 10, 2018

java.io.FileNotFoundException: .../transport.ports

@elasticmachine run gradle build tests 😿

@lcawl
Copy link
Contributor

lcawl commented Aug 16, 2018

I updated the links in this PR to reflect changes I made in elastic/stack-docs#100

lcawl
lcawl reviewed Aug 16, 2018
View reviewed changes
docs/reference/settings/security-settings.asciidoc Outdated
`authorization_realms`::
The names of the realms that should be consulted for delegate authorization.
If this setting is used, then the LDAP realm does not perform role mapping and
instead loads the user from the listed realms.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we also mention that the order of the items in this value is important? i.e. the realms are tried in the order specified here?

lcawl
lcawl approved these changes Aug 16, 2018
View reviewed changes
Copy link
Contributor

@lcawl lcawl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added one comment but otherwise LGTM

bizybot
bizybot approved these changes Aug 24, 2018
View reviewed changes
Copy link
Contributor

@bizybot bizybot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I will update the documentation for Kerberos to add support for authorization_realms. Thank you.

@tvernum tvernum merged commit 29dcf9b into elastic:security-lookup-realms Aug 28, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bizybot bizybot bizybot approved these changes

@lcawl lcawl lcawl approved these changes

Assignees
No one assigned
Labels
:Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tvernum @elasticmachine @lcawl @bizybot