diff --git a/x-pack/docs/en/security/authentication/native-realm.asciidoc b/x-pack/docs/en/security/authentication/native-realm.asciidoc index 8cd150b9c1c99..6820469b2f3b3 100644 --- a/x-pack/docs/en/security/authentication/native-realm.asciidoc +++ b/x-pack/docs/en/security/authentication/native-realm.asciidoc @@ -47,42 +47,9 @@ xpack: . Restart Elasticsearch. [[native-settings]] -.Native Realm Settings -[cols="4,^3,10"] -|======================= -| Setting | Required | Description - -| `type` | yes | Indicates the realm type. Must be set to `native`. - -| `order` | no | Indicates the priority of this realm within - the realm chain. Realms with a lower order - are consulted first. Although not required, - we recommend explicitly setting this value - when you configure multiple realms. Defaults - to `Integer.MAX_VALUE`. - -| `enabled` | no | Indicates whether this realm is enabled or - disabled. When set to `false`, the realm is - not added to the realm chain and therefore - is inactive. Defaults to `true`. - -| `cache.ttl` | no | Specifies the time-to-live for cached user - entries. A user's credentials are cached for - this period of time. Specify the time period - using the standard Elasticsearch - {ref}/common-options.html#time-units[time units]. - Defaults to `20m`. - -| `cache.max_users` | no | Specifies the maximum number of user entries - that can be cached at any given time. Defaults - to 100,000. - -| `cache.hash_algo` | no | Specifies the hashing algorithm that is used - for the cached user credentials. See - <> - for the possible values. (Expert Setting) -|======================= +==== Native Realm Settings +See {ref}/ref-native-settings.html[Native Realm Settings]. [[managing-native-users]] ==== Managing Native Users diff --git a/x-pack/docs/en/settings/security-settings.asciidoc b/x-pack/docs/en/settings/security-settings.asciidoc index eb2299e693d52..02514be272127 100644 --- a/x-pack/docs/en/settings/security-settings.asciidoc +++ b/x-pack/docs/en/settings/security-settings.asciidoc @@ -127,6 +127,7 @@ The valid settings vary depending on the realm type. For more information, see {xpack-ref}/setting-up-authentication.html[Setting Up Authentication]. [float] +[[ref-realm-settings]] ===== Settings Valid for All Realms `type`:: @@ -141,6 +142,27 @@ recommended when you configure multiple realms. Defaults to `Integer.MAX_VALUE`. Indicates whether a realm is enabled. You can use this setting to disable a realm without removing its configuration information. Defaults to `true`. +[[ref-native-settings]] +[float] +===== Native Realm Settings + +For a native realm, the `type` must be set to `native`. In addition to the +<>, you can specify +the following optional settings: + +`cache.ttl`:: The time-to-live for cached user entries. User credentials are +cached for this period of time. Specify the time period using the standard +{es} <>. Defaults to `20m`. + +`cache.max_users`:: The maximum number of user entries that can live in the +cache at any given time. Defaults to 100,000. + +`cache.hash_algo`:: (Expert Setting) The hashing algorithm that is used for the +in-memory cached user credentials. For possible values, see +{xpack-ref}/controlling-user-cache.html[Cache hash algorithms]. Defaults to +`ssha256`. + + [[ref-users-settings]] [float]