kibana

github-mirrors/kibana

Fork 0

mirror of https://github.com/elastic/kibana.git synced 2025-06-29 03:24:45 -04:00

Commit graph

Author	SHA1	Message	Date
Thom Heymann	7bee86d6eb	Add Mock IDP login page and role switcher (#172257 )	2024-01-12 21:54:51 +01:00
Dzmitry Lemechko	7556105dfc	[kbn-test] Disable TLS for svl Kibana (#171434 ) ## Summary This PR disables TLS mode for Kibana run in serverless. Related to #170417 enabling serverless roles testing Blocked by #171513 PR is created in cooperation with @azasypkin and intended to simplify the automated testing process for serverless: starting Kibana with TLS enabled adds unnecessary complexity to the process of getting session cookie and overall Kibana APIs calling with Dev certificate in the tests. The selected approach is to disable TLS for Kibana and simply rely on #171513 to configure mocked idp realm for Serverless ES with TLS enabled. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>	2023-11-23 17:42:33 +01:00
Jeramy Soucy	fe0ffab1da	Prepare the Security domain HTTP APIs for Serverless (#162087 ) Closes #161337 ## Summary Uses build flavor(see #161930) to disable specific Kibana security, spaces, and encrypted saved objects HTTP API routes in serverless (see details in #161337). HTTP APIs that will be public in serverless have been handled in #162523. IMPORTANT: This PR leaves login, user, and role routes enabled. The primary reason for this is due to several testing mechanisms that rely on basic authentication and custom roles (UI, Cypress). These tests will be modified to use SAML authentication and serverless roles in the immediate future. Once this occurs, we will disable these routes. ### Testing This PR also implements testing API access in serverless. - The testing strategy for disabled routes in serverless is to verify a `404 not found `response. - The testing strategy for internal access routes in serverless is to verify that without the internal request header (`x-elastic-internal-origin`), a `400 bad request response` is received, then verify that with the internal request header, a `200 ok response` is received. - The strategy for public routes in serverless is to verify a `200 ok` or `203 redirect` is received. ~~blocked by #161930~~ ~~blocked by #162149 for test implementation~~ --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>	2023-08-23 12:34:45 +02:00

Author

SHA1

Message

Date

Thom Heymann

7bee86d6eb

Add Mock IDP login page and role switcher (#172257 )

2024-01-12 21:54:51 +01:00

Dzmitry Lemechko

7556105dfc

[kbn-test] Disable TLS for svl Kibana (#171434 )

## Summary

This PR disables TLS mode for Kibana run in serverless.
Related to #170417 enabling serverless roles testing 
Blocked by #171513

PR is created in cooperation with @azasypkin and intended to simplify
the automated testing process for serverless:
starting Kibana with TLS enabled adds unnecessary complexity to the
process of getting session cookie and overall Kibana APIs calling with
Dev certificate in the tests.
The selected approach is to disable TLS for Kibana and simply rely on
#171513 to configure mocked idp realm for Serverless ES with TLS
enabled.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

2023-11-23 17:42:33 +01:00

Jeramy Soucy

fe0ffab1da

Prepare the Security domain HTTP APIs for Serverless (#162087 )

Closes #161337

## Summary

Uses build flavor(see #161930) to disable specific Kibana security,
spaces, and encrypted saved objects HTTP API routes in serverless (see
details in #161337). HTTP APIs that will be public in serverless have
been handled in #162523.

**IMPORTANT: This PR leaves login, user, and role routes enabled. The
primary reason for this is due to several testing mechanisms that rely
on basic authentication and custom roles (UI, Cypress). These tests will
be modified to use SAML authentication and serverless roles in the
immediate future. Once this occurs, we will disable these routes.**

### Testing
This PR also implements testing API access in serverless.
- The testing strategy for disabled routes in serverless is to verify a
`404 not found `response.
- The testing strategy for internal access routes in serverless is to
verify that without the internal request header
(`x-elastic-internal-origin`), a `400 bad request response` is received,
then verify that with the internal request header, a `200 ok response`
is received.
- The strategy for public routes in serverless is to verify a `200 ok`
or `203 redirect` is received.

~~blocked by #161930~~
~~blocked by #162149 for test implementation~~

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>

2023-08-23 12:34:45 +02:00

3 commits