Skip to content

Commit

Permalink
SecuritySettingsSource license.self_generated: trial (elastic#38233)
Browse files Browse the repository at this point in the history
Authn is enabled only if `license_type` is non `basic`, but `basic` is
what the `LicenseService` generates implicitly. This commit explicitly sets
license type to `trial`, which allows for authn, in the `SecuritySettingsSource`
which is the settings configuration parameter for `InternalTestCluster`s.

The real problem, that had created tests failures like elastic#31028 and elastic#32685, is
that the check `licenseState.isAuthAllowed()` can change sporadically. If it were
to return `true` or `false` during the whole test there would be no problem.
The problem manifests when it turns from `true` to `false` right before `Realms.asList()`.
There are other license checks before this one (request filter, token service, etc)
that would not cause a problem if they would suddenly see the check as `false`.
But switching to `false` before `Realms.asList()` makes it appear that no installed
realms could have handled the authn token which is an authentication error, as can
be seen in the failing tests.

Closes elastic#31028 elastic#32685
  • Loading branch information
albertzaharovits authored Feb 5, 2019
1 parent 3b2a0d7 commit 8e2eb39
Showing 1 changed file with 2 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,8 @@ public Settings nodeSettings(int nodeOrdinal) {
.put(LoggingAuditTrail.EMIT_NODE_NAME_SETTING.getKey(), randomBoolean())
.put(LoggingAuditTrail.EMIT_NODE_ID_SETTING.getKey(), randomBoolean())
.put("xpack.security.authc.realms." + FileRealmSettings.TYPE + ".file.order", 0)
.put("xpack.security.authc.realms." + NativeRealmSettings.TYPE + ".index.order", "1");
.put("xpack.security.authc.realms." + NativeRealmSettings.TYPE + ".index.order", "1")
.put("xpack.license.self_generated.type", "trial");
addNodeSSLSettings(builder);
return builder.build();
}
Expand Down

0 comments on commit 8e2eb39

Please sign in to comment.