Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fallback to realm authc if ApiKey fails #46538

Merged
merged 2 commits into from
Sep 10, 2019
Merged

Fallback to realm authc if ApiKey fails #46538

merged 2 commits into from
Sep 10, 2019

Conversation

tvernum
Copy link
Contributor

@tvernum tvernum commented Sep 10, 2019

This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

@tvernum
Fallback to realm authc if ApiKey fails
031a315 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.
@tvernum tvernum added >bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v8.0.0 v7.4.0 labels Sep 10, 2019
@tvernum tvernum requested review from bizybot and jkakavas September 10, 2019 12:08
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

bizybot
bizybot approved these changes Sep 10, 2019
View reviewed changes
Copy link
Contributor

@bizybot bizybot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, Thank you.

jkakavas
jkakavas approved these changes Sep 10, 2019
View reviewed changes
Copy link
Member

@jkakavas jkakavas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tvernum tvernum merged commit 18f0d53 into elastic:master Sep 10, 2019
tvernum added a commit to tvernum/elasticsearch that referenced this pull request Sep 10, 2019
@tvernum
Fallback to realm authc if ApiKey fails
8ae367e 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: elastic#46538
@tvernum tvernum mentioned this pull request Sep 10, 2019
Merged
@tvernum tvernum added the v7.5.0 label Sep 10, 2019
tvernum added a commit to tvernum/elasticsearch that referenced this pull request Sep 10, 2019
@tvernum
Fallback to realm authc if ApiKey fails
12fbd83 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: elastic#46538
@tvernum tvernum mentioned this pull request Sep 11, 2019
Merged
tvernum added a commit that referenced this pull request Sep 11, 2019
@tvernum
Fallback to realm authc if ApiKey fails (#46552)
8006465 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: #46538
tvernum added a commit that referenced this pull request Sep 11, 2019
@tvernum
Fallback to realm authc if ApiKey fails (#46579)
7bda046 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: #46538
@tvernum tvernum added the v6.8.4 label Sep 25, 2019
tvernum added a commit to tvernum/elasticsearch that referenced this pull request Sep 25, 2019
@tvernum
Fallback to realm authc if ApiKey fails
d032060 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: elastic#46538
@tvernum tvernum mentioned this pull request Sep 25, 2019
Merged
tvernum added a commit that referenced this pull request Sep 25, 2019
@tvernum
Fallback to realm authc if ApiKey fails (#47066)
08ebe03 
This changes API-Key authentication to always fallback to the realm
chain if the API key is not valid. The previous behaviour was
inconsistent and would terminate on some failures, but continue to the
realm chain for others.

Backport of: #46538
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkakavas jkakavas jkakavas approved these changes

@bizybot bizybot bizybot approved these changes

Assignees
No one assigned
Labels
>bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v6.8.4 v7.4.0 v7.5.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tvernum @elasticmachine @bizybot @jkakavas @jakelandis