java.lang.Object
org.elasticsearch.xpack.core.security.user.User
org.elasticsearch.xpack.core.security.user.InternalUser
org.elasticsearch.xpack.core.security.user.SystemUser
- All Implemented Interfaces:
org.elasticsearch.xcontent.ToXContent,org.elasticsearch.xcontent.ToXContentObject
Internal user that is applied to all requests made elasticsearch itself
-
Nested Class Summary
Nested classes/interfaces inherited from class org.elasticsearch.xpack.core.security.user.User
User.FieldsNested classes/interfaces inherited from interface org.elasticsearch.xcontent.ToXContent
org.elasticsearch.xcontent.ToXContent.DelegatingMapParams, org.elasticsearch.xcontent.ToXContent.MapParams, org.elasticsearch.xcontent.ToXContent.Params -
Field Summary
FieldsFields inherited from interface org.elasticsearch.xcontent.ToXContent
EMPTY, EMPTY_PARAMS -
Method Summary
Modifier and TypeMethodDescriptioncrossClusterAccessSubjectInfo(TransportVersion transportVersion, String nodeName) The role descriptor intersection in the returned subject info is always empty.The local-cluster role descriptor assigned to this internal user, orOptional.empty()if this user does not have a role.static booleanDeprecated.static booleanisAuthorized(String action) Methods inherited from class org.elasticsearch.xpack.core.security.user.InternalUser
equals, getRemoteAccessRoleDescriptor, hashCodeMethods inherited from class org.elasticsearch.xpack.core.security.user.User
email, enabled, fullName, innerToXContent, metadata, principal, roles, toString, toXContent, writeUserMethods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, waitMethods inherited from interface org.elasticsearch.xcontent.ToXContentObject
isFragment
-
Field Details
-
NAME
- See Also:
-
ROLE_NAME
Deprecated.- See Also:
-
-
Method Details
-
getLocalClusterRoleDescriptor
Description copied from class:InternalUserThe local-cluster role descriptor assigned to this internal user, orOptional.empty()if this user does not have a role. ThisRoleDescriptordefines the privileges that the internal-user has for requests that originate from a node within the local cluster.- Overrides:
getLocalClusterRoleDescriptorin classInternalUser- Returns:
Optional.empty()because the_systemuser does not use role based security- See Also:
-
is
Deprecated. -
isAuthorized
-
crossClusterAccessSubjectInfo
public static CrossClusterAccessSubjectInfo crossClusterAccessSubjectInfo(TransportVersion transportVersion, String nodeName) The role descriptor intersection in the returned subject info is always empty. Because the privileges of the cross cluster access internal user are static, we set them during role reference resolution instead of needlessly deserializing the role descriptor intersection (see flow starting atSubject.getRoleReferenceIntersection(AnonymousUser))
-