Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Minor doc fixes for PKI realm #103831

Merged
merged 2 commits into from
Jan 9, 2024
Merged

Minor doc fixes for PKI realm #103831

merged 2 commits into from
Jan 9, 2024
+6 −8

Conversation

jakelandis
Copy link
Contributor

Remove the reference to the transport client and clarify the usage of username_pattern

@jakelandis jakelandis added >docs General docs changes :Security/Security Security issues without another label v8.12.1 v8.13.0 labels Jan 2, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 2, 2024

Documentation preview:

@elasticsearchmachine elasticsearchmachine added Team:Docs Meta label for docs team Team:Security Meta label for security team labels Jan 2, 2024
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@slobodanadamovic slobodanadamovic self-requested a review January 4, 2024 21:00
@tvernum tvernum self-requested a review January 5, 2024 00:03
tvernum
tvernum reviewed Jan 5, 2024
View reviewed changes
docs/reference/settings/security-settings.asciidoc Outdated
@@ -1015,8 +1015,9 @@ the following settings:
`username_pattern`::
(<<static-cluster-setting,Static>>)
The regular expression pattern used to extract the username from the
certificate DN. The first match group is the used as the username.
Defaults to `CN=(.*?)(?:,\|$)`.
certificate DN. The username is used for auditing and logging (not role mapping).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The not role mapping isn't strictly true (and I expect some readers to be confused).

If you use the role mapping API, then you can map on username.

It's also use for delegated authorization (lookup realms) which is the scenario that (I think) prompted this clarification.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Tim ! I missed those usages. I have updated the docs.

@jakelandis jakelandis requested a review from tvernum January 5, 2024 22:42
tvernum
tvernum approved these changes Jan 9, 2024
View reviewed changes
Copy link
Contributor

@tvernum tvernum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jakelandis jakelandis merged commit 15258c8 into elastic:main Jan 9, 2024
@jakelandis jakelandis deleted the minor_pki_docs branch January 9, 2024 15:50
@jakelandis jakelandis mentioned this pull request Jan 9, 2024
Merged
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
8.12

jakelandis added a commit to jakelandis/elasticsearch that referenced this pull request Jan 9, 2024
@jakelandis
Minor doc fixes for PKI realm (elastic#103831)
2c4ce8c 
Remove the reference to the transport client and clarify the usage of username_pattern
elasticsearchmachine pushed a commit that referenced this pull request Jan 9, 2024
@jakelandis
Minor doc fixes for PKI realm (#103831) (#104143)

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
a6c450a 
Remove the reference to the transport client and clarify the usage of username_pattern
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvernum tvernum

@slobodanadamovic slobodanadamovic

Assignees
No one assigned
Labels
>docs General docs changes :Security/Security Security issues without another label Team:Docs Meta label for docs team Team:Security Meta label for security team v8.12.1 v8.13.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jakelandis @elasticsearchmachine @tvernum