In this example, users credentials are validate via LDAP. The groups associated to each validated users are resolved using the same LDAP server.
Simpler: authentication and authorization in one rule
readonlyrest:
enable: true
Simone Scarduzio sscarduzio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "analysts group permissions" | |
| indices: ["logstash-*"] | |
| groups: ["analysts"] | |
| users: | |
| - username: ada | |
| auth_key: ada:passwd1 | |
| groups: ["analysts"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "user1 can see logstash data" | |
| auth_key: "user1:password" | |
| indices: ["logstash-*"] |
sscarduzio
/ readonlyrest.yml
Last active
January 17, 2020 14:09
ROR ACL Examples: field level security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "No sensitive fields in search" | |
| fields: ["~credit_card", "~birth_date"] |
sscarduzio
/ readonlyrest.yml
Last active
January 18, 2020 13:06
ROR ACL Examples: document level security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "Never return secret documents!" | |
| filter: '{"bool": | |
| {"must_not": | |
| {"match": {"is_secret": true}} | |
| }}' |
sscarduzio
/ readonlyrest.yml
Created
January 17, 2020 13:17
ROR ACL Examples: document level security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "Allow read catalogue from local" | |
| indices: ["catalogue-*"] | |
| filter: '{"bool": {"must_not": {"match": {"secret": true}}}}' |
sscarduzio
/ readonlyrest.yml
Last active
January 17, 2020 13:52
ROR ACL Examples: basic access control
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| readonlyrest: | |
| access_control_rules: | |
| - name: "Local, RO catalogue" | |
| methods: ["GET","POST"] | |
| hosts: ["127.0.0.0/24"] | |
| indices: ["catalogue-*"] | |
| actions: ["indices:data/read*"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "2.0" | |
| services: | |
| elasticsearch: | |
| image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0 | |
| ports: | |
| - "9200:9200" | |
| - "9300:9300" | |
| environment: | |
| - discovery.type single-node | |
| volumes: |
sscarduzio
/ Missing class Error
Created
November 11, 2016 03:53
Readonlyrest SBT Elasticsearch plugin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/bin/java -Xms2g -Xmx2g -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+DisableExplicitGC -XX:+AlwaysPreTouch -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Dlog4j.skipJansi=true -Des.path.home=/me/elasticsearch-readonlyrest-plugin/src/test/eshome -Djava.security.policy=/me/elasticsearch-readonlyrest-plugin/src/main/resources/plugin-security.policy -Didea.launcher.port=7533 "-Didea.launcher.bin.path=/Applications/IntelliJ IDEA CE.app/Contents/bin" -classpath "/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/jre/lib/charsets.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/jre/lib/deploy.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home/jre/lib/ext/cldrdata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0 |
sscarduzio
/ validated.scala
Last active
May 31, 2016 17:43
Cannot find |@| ( using "org.typelevel" %% "cats" % "0.6.0")
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import cats.data.{Validated, Xor} | |
| import cats.syntax.apply._ // For |@| syntax | |
| import cats.std.list._ // For semigroup (append) on List | |
| object ValidatedExample { | |
| import Xor.{left, right} | |
| import Validated.{invalid, valid} | |
| // We are going to compare the behaviour of Xor and Validated. First we | |
| // define some instances. Then we combine them using flatMap |