remove code

Signed-off-by: Prabhas Kurapati <[email protected]>
prabhask5 · Jan 11, 2024 · d22ae12 · d22ae12
1 parent 5114bb7
commit d22ae12
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 42 deletions.
diff --git a/config/config.yml b/config/config.yml
@@ -14,9 +14,8 @@
 # After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect
 # the roles from a given backend for the authenticated user.
 #
-# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both.
+# Both, authc and auth can be enabled/disabled separately for REST layer. Default is true for both.
 #        http_enabled: true
-#        transport_enabled: true
 #
 # For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to
 # find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated.
@@ -86,7 +85,6 @@ config:
     authc:
       kerberos_auth_domain:
         http_enabled: false
-        transport_enabled: false
         order: 6
         http_authenticator:
           type: kerberos
@@ -101,7 +99,6 @@ config:
       basic_internal_auth_domain:
         description: "Authenticate via HTTP Basic against internal users database"
         http_enabled: true
-        transport_enabled: true
         order: 4
         http_authenticator:
           type: basic
@@ -111,7 +108,6 @@ config:
       proxy_auth_domain:
         description: "Authenticate via proxy"
         http_enabled: false
-        transport_enabled: false
         order: 3
         http_authenticator:
           type: proxy
@@ -124,7 +120,6 @@ config:
       jwt_auth_domain:
         description: "Authenticate via Json Web Token"
         http_enabled: false
-        transport_enabled: false
         order: 0
         http_authenticator:
           type: jwt
@@ -141,7 +136,6 @@ config:
       clientcert_auth_domain:
         description: "Authenticate via SSL client certificates"
         http_enabled: false
-        transport_enabled: false
         order: 2
         http_authenticator:
           type: clientcert
@@ -153,7 +147,6 @@ config:
       ldap:
         description: "Authenticate via LDAP or Active Directory"
         http_enabled: false
-        transport_enabled: false
         order: 5
         http_authenticator:
           type: basic
@@ -184,7 +177,6 @@ config:
       roles_from_myldap:
         description: "Authorize via LDAP or Active Directory"
         http_enabled: false
-        transport_enabled: false
         authorization_backend:
           # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
           type: ldap
@@ -228,7 +220,6 @@ config:
       roles_from_another_ldap:
         description: "Authorize via another Active Directory"
         http_enabled: false
-        transport_enabled: false
         authorization_backend:
           type: ldap
           #config goes here ...

diff --git a/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV6.java b/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV6.java
@@ -68,8 +68,6 @@ public class DynamicConfigModelV6 extends DynamicConfigModel {
     private final Path configPath;
     private SortedSet<AuthDomain> restAuthDomains;
     private Set<AuthorizationBackend> restAuthorizers;
-    private SortedSet<AuthDomain> transportAuthDomains;
-    private Set<AuthorizationBackend> transportAuthorizers;
     private List<Destroyable> destroyableComponents;
     private final InternalAuthenticationBackend iab;
 
@@ -216,8 +214,6 @@ private void buildAAA() {
 
         final SortedSet<AuthDomain> restAuthDomains0 = new TreeSet<>();
         final Set<AuthorizationBackend> restAuthorizers0 = new HashSet<>();
-        final SortedSet<AuthDomain> transportAuthDomains0 = new TreeSet<>();
-        final Set<AuthorizationBackend> transportAuthorizers0 = new HashSet<>();
         final List<Destroyable> destroyableComponents0 = new LinkedList<>();
         final List<AuthFailureListener> ipAuthFailureListeners0 = new ArrayList<>();
         final Multimap<String, AuthFailureListener> authBackendFailureListeners0 = ArrayListMultimap.create();
@@ -229,9 +225,8 @@ private void buildAAA() {
         for (final Entry<String, AuthzDomain> ad : authzDyn.getDomains().entrySet()) {
             final boolean enabled = ad.getValue().enabled;
             final boolean httpEnabled = enabled && ad.getValue().http_enabled;
-            final boolean transportEnabled = enabled && ad.getValue().transport_enabled;
 
-            if (httpEnabled || transportEnabled) {
+            if (httpEnabled) {
                 try {
 
                     final String authzBackendClazz = ad.getValue().authorization_backend.type;
@@ -264,10 +259,6 @@ private void buildAAA() {
                         restAuthorizers0.add(authorizationBackend);
                     }
 
-                    if (transportEnabled) {
-                        transportAuthorizers0.add(authorizationBackend);
-                    }
-
                     if (authorizationBackend instanceof Destroyable) {
                         destroyableComponents0.add((Destroyable) authorizationBackend);
                     }
@@ -343,10 +334,6 @@ private void buildAAA() {
                         restAuthDomains0.add(_ad);
                     }
 
-                    if (transportEnabled) {
-                        transportAuthDomains0.add(_ad);
-                    }
-
                     if (httpAuthenticator instanceof Destroyable) {
                         destroyableComponents0.add((Destroyable) httpAuthenticator);
                     }
@@ -365,9 +352,7 @@ private void buildAAA() {
         List<Destroyable> originalDestroyableComponents = destroyableComponents;
 
         restAuthDomains = Collections.unmodifiableSortedSet(restAuthDomains0);
-        transportAuthDomains = Collections.unmodifiableSortedSet(transportAuthDomains0);
         restAuthorizers = Collections.unmodifiableSet(restAuthorizers0);
-        transportAuthorizers = Collections.unmodifiableSet(transportAuthorizers0);
 
         destroyableComponents = Collections.unmodifiableList(destroyableComponents0);
 

diff --git a/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java b/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java
@@ -76,8 +76,6 @@ public class DynamicConfigModelV7 extends DynamicConfigModel {
     private final Path configPath;
     private SortedSet<AuthDomain> restAuthDomains;
     private Set<AuthorizationBackend> restAuthorizers;
-    private SortedSet<AuthDomain> transportAuthDomains;
-    private Set<AuthorizationBackend> transportAuthorizers;
     private List<Destroyable> destroyableComponents;
     private final InternalAuthenticationBackend iab;
 
@@ -234,8 +232,6 @@ private void buildAAA() {
 
         final SortedSet<AuthDomain> restAuthDomains0 = new TreeSet<>();
         final Set<AuthorizationBackend> restAuthorizers0 = new HashSet<>();
-        final SortedSet<AuthDomain> transportAuthDomains0 = new TreeSet<>();
-        final Set<AuthorizationBackend> transportAuthorizers0 = new HashSet<>();
         final List<Destroyable> destroyableComponents0 = new LinkedList<>();
         final List<AuthFailureListener> ipAuthFailureListeners0 = new ArrayList<>();
         final Multimap<String, AuthFailureListener> authBackendFailureListeners0 = ArrayListMultimap.create();
@@ -246,9 +242,8 @@ private void buildAAA() {
 
         for (final Entry<String, AuthzDomain> ad : authzDyn.getDomains().entrySet()) {
             final boolean httpEnabled = ad.getValue().http_enabled;
-            final boolean transportEnabled = ad.getValue().transport_enabled;
 
-            if (httpEnabled || transportEnabled) {
+            if (httpEnabled) {
                 try {
 
                     final String authzBackendClazz = ad.getValue().authorization_backend.type;
@@ -281,10 +276,6 @@ private void buildAAA() {
                         restAuthorizers0.add(authorizationBackend);
                     }
 
-                    if (transportEnabled) {
-                        transportAuthorizers0.add(authorizationBackend);
-                    }
-
                     if (authorizationBackend instanceof Destroyable) {
                         destroyableComponents0.add((Destroyable) authorizationBackend);
                     }
@@ -359,10 +350,6 @@ private void buildAAA() {
                         restAuthDomains0.add(_ad);
                     }
 
-                    if (transportEnabled) {
-                        transportAuthDomains0.add(_ad);
-                    }
-
                     if (httpAuthenticator instanceof Destroyable) {
                         destroyableComponents0.add((Destroyable) httpAuthenticator);
                     }
@@ -398,9 +385,7 @@ private void buildAAA() {
         List<Destroyable> originalDestroyableComponents = destroyableComponents;
 
         restAuthDomains = Collections.unmodifiableSortedSet(restAuthDomains0);
-        transportAuthDomains = Collections.unmodifiableSortedSet(transportAuthDomains0);
         restAuthorizers = Collections.unmodifiableSet(restAuthorizers0);
-        transportAuthorizers = Collections.unmodifiableSet(transportAuthorizers0);
 
         destroyableComponents = Collections.unmodifiableList(destroyableComponents0);