Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Require security to be provided by X-Pack #66814

Closed
wants to merge 2 commits into from
Closed

Require security to be provided by X-Pack #66814

wants to merge 2 commits into from

Conversation

BigPandaToo
Copy link
Contributor

In order to provide a stronger guarantee to our solutions, that if a
cluster is running the default distribution and has security
(authentication) enabled,
then it will be provided by Elastic's security features, and users can
rely on it behaving in the ways they expect, this change 1) mandate
that security in default distribution is provided by X-Pack by always
installing the Security Rest Filter and 2) adding warnings if
credentials are provided to a cluster that does not have security
enabled.

Related: #188

@BigPandaToo
Disable 3rd party security plugins
bedc61d 
Disable 3rd party security plugins
@BigPandaToo
Require security to be provided by X-Pack
5dcb0cc 
 In order to provide a stronger guarantee to our solutions, that if a
 cluster is running the default distribution and has security
 (authentication) enabled,
 then it will be provided by Elastic's security features, and users can
 rely on it behaving in the ways they expect, this change 1) mandate
 that security in default distribution is provided by X-Pack by always
 installing the Security Rest Filter and 2) adding warnings if
 credentials are provided to a cluster that does not have security
  enabled.

Related: elastic#188
@BigPandaToo BigPandaToo added :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v7.12.0 v8.0.0 labels Dec 24, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@BigPandaToo BigPandaToo deleted the No_sec_plugin branch December 27, 2020 16:27
@BigPandaToo BigPandaToo removed :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v7.12.0 v8.0.0 labels Dec 28, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@BigPandaToo @elasticmachine