Skip to content

Commit

Permalink
Merge branch 'master' of github.com:elastic/kibana into detections-fi…
Browse files Browse the repository at this point in the history
…x-import-rules
  • Loading branch information
XavierM committed Jan 30, 2020
2 parents 647e592 + 371abf6 commit f51d0ff
Show file tree
Hide file tree
Showing 820 changed files with 3,940 additions and 3,760 deletions.
4 changes: 2 additions & 2 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -150,9 +150,9 @@
**/*.scss @elastic/kibana-design

# Elasticsearch UI
/src/legacy/core_plugins/console/ @elastic/es-ui
/src/plugins/console/ @elastic/es-ui
/src/plugins/es_ui_shared/ @elastic/es-ui
/x-pack/legacy/plugins/console_extensions/ @elastic/es-ui
/x-pack/plugins/console_extensions/ @elastic/es-ui
/x-pack/legacy/plugins/cross_cluster_replication/ @elastic/es-ui
/x-pack/legacy/plugins/index_lifecycle_management/ @elastic/es-ui
/x-pack/legacy/plugins/index_management/ @elastic/es-ui
Expand Down
2 changes: 1 addition & 1 deletion .i18nrc.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"paths": {
"common.ui": "src/legacy/ui",
"console": "src/legacy/core_plugins/console",
"console": "src/plugins/console",
"core": "src/core",
"dashboardEmbeddableContainer": "src/plugins/dashboard_embeddable_container",
"data": [
Expand Down
10 changes: 10 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,16 @@ yarn kbn bootstrap

(You can also run `yarn kbn` to see the other available commands. For more info about this tool, see https://github.com/elastic/kibana/tree/master/packages/kbn-pm.)

When switching branches which use different versions of npm packages you may need to run;
```bash
yarn kbn clean
```

If you have failures during `yarn kbn bootstrap` you may have some corrupted packages in your yarn cache which you can clean with;
```bash
yarn cache clean
```

#### Increase node.js heap size

Kibana is a big project and for some commands it can happen that the process hits the default heap limit and crashes with an out-of-memory error. If you run into this problem, you can increase maximum heap size by setting the `--max_old_space_size` option on the command line. To set the limit for all commands, simply add the following line to your shell config: `export NODE_OPTIONS="--max_old_space_size=2048"`.
Expand Down
20 changes: 10 additions & 10 deletions docs/user/security/authentication/index.asciidoc
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[role="xpack"]
[[kibana-authentication]]
=== Authentication in Kibana
=== Authentication in {kib}
++++
<titleabbrev>Authentication</titleabbrev>
++++
Expand All @@ -16,23 +16,23 @@
[[basic-authentication]]
==== Basic authentication

Basic authentication requires a username and password to successfully log in to {kib}. It is enabled by default and based on the Native security realm provided by {es}. The basic authentication provider uses a Kibana provided login form, and supports authentication using the `Authorization` request header's `Basic` scheme.
To successfully log in to {kib}, basic authentication requires a username and password. Basic authentication is enabled by default, and is based on the Native security realm or LDAP security realm that is provided by {es}. The basic authentication provider uses a {kib} provided login form, and supports authentication using the `Authorization` request header `Basic` scheme.

The session cookies that are issued by the basic authentication provider are stateless. Therefore, logging out of Kibana when using the basic authentication provider clears the session cookies from the browser but does not invalidate the session cookie for reuse.
The session cookies that are issued by the basic authentication provider are stateless. Therefore, logging out of {kib} when using the basic authentication provider clears the session cookies from the browser, but does not invalidate the session cookie for reuse.

For more information about basic authentication and built-in users, see
{ref}/setting-up-authentication.html[User authentication].

[[token-authentication]]
==== Token authentication

Token authentication allows users to login using the same Kibana provided login form as basic authentication. The token authentication provider is built on {es}'s token APIs. The bearer tokens returned by {es}'s {ref}/security-api-get-token.html[get token API] can be used directly with Kibana using the `Authorization` request header with the `Bearer` scheme.
Token authentication allows users to login using the same {kib} provided login form as basic authentication, and is based on the Native security realm or LDAP security realm that is provided by {es}. The token authentication provider is built on {es} token APIs. The bearer tokens returned by {es}'s {ref}/security-api-get-token.html[get token API] can be used directly with {kib} using the `Authorization` request header with the `Bearer` scheme.

The session cookies that are issued by the token authentication provider are stateful, and logging out of Kibana invalidates the session cookies for reuse.
The session cookies that are issued by the token authentication provider are stateful, and logging out of {kib} invalidates the session cookies for reuse.

Prior to configuring Kibana, ensure token support is enabled in Elasticsearch. See the {ref}/security-api-get-token.html[Elasticsearch token API] documentation for more information.
Prior to configuring {kib}, ensure token support is enabled in {es}. See the {ref}/security-api-get-token.html[{es} token API] documentation for more information.

To enable the token authentication provider in Kibana, set the following value in your `kibana.yml`:
To enable the token authentication provider in {kib}, set the following value in your `kibana.yml`:

[source,yaml]
--------------------------------------------------------------------------------
Expand Down Expand Up @@ -67,7 +67,7 @@ server.ssl.clientAuthentication: required
xpack.security.authc.providers: [pki]
--------------------------------------------------------------------------------

NOTE: Trusted CAs can also be specified in a PKCS #12 keystore bundled with your Kibana server certificate/key using
NOTE: Trusted CAs can also be specified in a PKCS #12 keystore bundled with your {kib} server certificate/key using
`server.ssl.keystore.path` or in a separate trust store using `server.ssl.truststore.path`.

PKI support in {kib} is designed to be the primary (or sole) authentication method for users of that {kib} instance. However, you can configure both PKI and Basic authentication for the same {kib} instance:
Expand Down Expand Up @@ -128,7 +128,7 @@ Basic authentication is supported _only_ if `basic` authentication provider is e

At the beginning of the SAML handshake, {kib} stores the initial URL in the session cookie, so it can redirect the user back to that URL after successful SAML authentication.
If the URL is long, the session cookie might exceed the maximum size supported by the browser--typically 4KB for all cookies per domain. When this happens, the session cookie is truncated,
or dropped completely, and you might experience sporadic failures during SAML authentication.
or dropped completely, and you might experience sporadic failures during SAML authentication.

To remedy this issue, you can decrease the maximum
size of the URL that {kib} is allowed to store during the SAML handshake. The default value is 2KB.
Expand Down Expand Up @@ -185,7 +185,7 @@ Users will be able to access the login page and use Basic authentication by navi
[float]
==== Single sign-on provider details

The following sections apply both to <<saml>> and <<oidc>>
The following sections apply both to <<saml>> and <<oidc>>

[float]
===== Access and refresh tokens
Expand Down
6 changes: 3 additions & 3 deletions renovate.json5
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,15 @@
'Team:Operations',
'renovate',
'v8.0.0',
'v7.6.0',
'v7.7.0',
],
major: {
labels: [
'release_note:skip',
'Team:Operations',
'renovate',
'v8.0.0',
'v7.6.0',
'v7.7.0',
'renovate:major',
],
},
Expand Down Expand Up @@ -238,7 +238,7 @@
'Team:Operations',
'renovate',
'v8.0.0',
'v7.6.0',
'v7.7.0',
':ml',
],
},
Expand Down
13 changes: 12 additions & 1 deletion src/core/server/http/router/response_adapter.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
import { ResponseObject as HapiResponseObject, ResponseToolkit as HapiResponseToolkit } from 'hapi';
import typeDetect from 'type-detect';
import Boom from 'boom';
import * as stream from 'stream';

import {
HttpResponsePayload,
Expand Down Expand Up @@ -112,8 +113,18 @@ export class HapiResponseAdapter {
return response;
}

private toError(kibanaResponse: KibanaResponse<ResponseError>) {
private toError(kibanaResponse: KibanaResponse<ResponseError | Buffer | stream.Readable>) {
const { payload } = kibanaResponse;

// Special case for when we are proxying requests and want to enable streaming back error responses opaquely.
if (Buffer.isBuffer(payload) || payload instanceof stream.Readable) {
const response = this.responseToolkit
.response(kibanaResponse.payload)
.code(kibanaResponse.status);
setHeaders(response, kibanaResponse.options.headers);
return response;
}

// we use for BWC with Boom payload for error responses - {error: string, message: string, statusCode: string}
const error = new Boom('', {
statusCode: kibanaResponse.status,
Expand Down
2 changes: 1 addition & 1 deletion src/dev/renovate/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import { RENOVATE_PACKAGE_GROUPS } from './package_groups';
import { PACKAGE_GLOBS } from './package_globs';
import { wordRegExp, maybeFlatMap, maybeMap, getTypePackageName } from './utils';

const DEFAULT_LABELS = ['release_note:skip', 'Team:Operations', 'renovate', 'v8.0.0', 'v7.6.0'];
const DEFAULT_LABELS = ['release_note:skip', 'Team:Operations', 'renovate', 'v8.0.0', 'v7.7.0'];

export const RENOVATE_CONFIG = {
extends: ['config:base'],
Expand Down
75 changes: 0 additions & 75 deletions src/legacy/core_plugins/console/__tests__/index.js

This file was deleted.

Loading

0 comments on commit f51d0ff

Please sign in to comment.