Module org.elasticsearch.security
Class CrossClusterAccessSecurityExtension
java.lang.Object
org.elasticsearch.xpack.security.transport.CrossClusterAccessSecurityExtension
- All Implemented Interfaces:
ReloadableSecurityComponent,RemoteClusterSecurityExtension
public class CrossClusterAccessSecurityExtension
extends Object
implements RemoteClusterSecurityExtension, ReloadableSecurityComponent
Remote cluster security extension point which is based on cross-cluster API keys.
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from interface org.elasticsearch.xpack.security.transport.extension.RemoteClusterSecurityExtension
RemoteClusterSecurityExtension.Components -
Method Summary
Modifier and TypeMethodDescriptionReturns aRemoteClusterAuthenticationServiceused to authenticate remote cluster requests.Returns aRemoteClusterTransportInterceptorthat allows intercepting remote connections both on the receiver and the sender side.voidCalled when a reload security settings action is executed.
-
Method Details
-
getTransportInterceptor
Description copied from interface:RemoteClusterSecurityExtensionReturns aRemoteClusterTransportInterceptorthat allows intercepting remote connections both on the receiver and the sender side.- Specified by:
getTransportInterceptorin interfaceRemoteClusterSecurityExtension
-
getAuthenticationService
Description copied from interface:RemoteClusterSecurityExtensionReturns aRemoteClusterAuthenticationServiceused to authenticate remote cluster requests.- Specified by:
getAuthenticationServicein interfaceRemoteClusterSecurityExtension
-
reload
Description copied from interface:ReloadableSecurityComponentCalled when a reload security settings action is executed. The reload operation must be completed when this method returns. Strictly speaking, thesettingsargument should not be accessed outside of this method's call stack, as any values stored in the node's keystore (seeSecureSetting) will not otherwise be retrievable.There is no guarantee that the secure setting's values have actually changed. Hence, it's up to implementor to detect if the actual internal reloading is necessary.
Any failure during the reloading should be signaled by raising an exception.
For additional info, see also:
ReloadablePlugin.reload(Settings).- Specified by:
reloadin interfaceReloadableSecurityComponent- Parameters:
settings- Settings include the initial node's settings and all decrypted secure settings from the keystore. Absence of a particular secure setting may mean that the setting was either never configured or that it was simply removed.
-