mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-25 15:47:23 -04:00
273c82d7c9
Authorization Realms allow an authenticating realm to delegate the task of constructing a User object (with name, roles, etc) to one or more other realms. E.g. A client could authenticate using PKI, but then delegate to an LDAP realm. The LDAP realm performs a "lookup" by principal, and then does regular role-mapping from the discovered user. This commit includes: - authorization_realm support in the pki, ldap, saml & kerberos realms - docs for authorization_realms - checks that there are no "authorization chains" (whereby "realm-a" delegates to "realm-b", but "realm-b" delegates to "realm-c") Authorization realms is a platinum feature. |
||
|---|---|---|
| .. | ||
| images | ||
| audit-settings.asciidoc | ||
| configuring-xes.asciidoc | ||
| license-settings.asciidoc | ||
| ml-settings.asciidoc | ||
| monitoring-settings.asciidoc | ||
| notification-settings.asciidoc | ||
| security-hash-settings.asciidoc | ||
| security-settings.asciidoc | ||
| sql-settings.asciidoc | ||
| ssl-settings.asciidoc | ||