-
Notifications
You must be signed in to change notification settings - Fork 24.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Deprecate the behaviour of implicitly disabling file/native realm (#6…
…9320) As a precursor for #50892, this PR deprecate the behaviour of file and/or native realm being implicitly disabled when there are other explicitly configured realms. With this change, the recommend way of disabling file/native realm is to explicitly set enabled to false, e.g.: xpack.security.authc.realms.file.default_file.enabled: false This PR ensures that a warning is generated whenever file and/or native realm is implicitly disabled. This change also brings a question about the order parameter. Currently, the order parameter is mandatory in 8.0 and gets a warning message if it is missing in 7.x. However, it makes sense to not specify the order parameter if the realm is disabled. So I also updated the order parameter related code to do just that.
- Loading branch information
Showing
8 changed files
with
426 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
[[migrating-7.13]] | ||
== Migrating to 7.13 | ||
++++ | ||
<titleabbrev>7.13</titleabbrev> | ||
++++ | ||
|
||
This section discusses the changes that you need to be aware of when migrating | ||
your application to {es} 7.13. | ||
|
||
See also <<release-highlights>> and <<es-release-notes>>. | ||
|
||
// * <<breaking_713_blah_changes>> | ||
// * <<breaking_713_blah_changes>> | ||
|
||
//NOTE: The notable-breaking-changes tagged regions are re-used in the | ||
//Installation and Upgrade Guide | ||
|
||
//tag::notable-breaking-changes[] | ||
|
||
[discrete] | ||
[[breaking-changes-7.13]] | ||
=== Breaking changes | ||
|
||
The following changes in {es} 7.13 might affect your applications | ||
and prevent them from operating normally. | ||
Before upgrading to 7.13, review these changes and take the described steps | ||
to mitigate the impact. | ||
|
||
NOTE: Breaking changes introduced in minor versions are | ||
normally limited to security and bug fixes. | ||
Significant changes in behavior are deprecated in a minor release and | ||
the old behavior is supported until the next major release. | ||
To find out if you are using any deprecated functionality, | ||
enable <<deprecation-logging, deprecation logging>>. | ||
|
||
|
||
[discrete] | ||
[[deprecated-7.13]] | ||
=== Deprecations | ||
|
||
The following functionality has been deprecated in {es} 7.13 | ||
and will be removed in 8.0 | ||
While this won't have an immediate impact on your applications, | ||
we strongly encourage you take the described steps to update your code | ||
after upgrading to 7.13. | ||
|
||
NOTE: Significant changes in behavior are deprecated in a minor release and | ||
the old behavior is supported until the next major release. | ||
To find out if you are using any deprecated functionality, | ||
enable <<deprecation-logging, deprecation logging>>. | ||
|
||
[discrete] | ||
[[breaking_713_security_changes]] | ||
==== Security deprecations | ||
|
||
[[implicitly-disabled-basic-realms]] | ||
Currently, the file and native realms have following implicit behaviours: | ||
|
||
* If file and native realms are not configured, they are implicitly disabled | ||
if there are other explicitly configured realms. | ||
* If no realm is available due to either unconfigured, explicitly disabled | ||
or disallowed by the license, the file and native realms are always enabled | ||
even when they are explicitly disabled. | ||
|
||
Both of the above behaviours are deprecated. In version 8.0.0, the file and | ||
native realms will always be enabled unless explicitly disabled. If they are | ||
explicitly disabled, they remain disabled at all times. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.