summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_config.yml18
1 files changed, 9 insertions, 9 deletions
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml
index 3fefe16..9172b71 100644
--- a/charts/aai-elasticsearch/resources/config/sg/sg_config.yml
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml
@@ -37,19 +37,19 @@
# HTTP
# basic (challenging)
# proxy (not challenging, needs xff)
-# kerberos (challenging) NOT FREE FOR COMMERCIAL
+# kerberos (challenging)
# clientcert (not challenging, needs https)
-# jwt (not challenging) NOT FREE FOR COMMERCIAL
+# jwt (not challenging)
# host (not challenging) #DEPRECATED, will be removed in a future version.
# host based authentication is configurable in sg_roles_mapping
# Authc
# internal
# noop
-# ldap NOT FREE FOR COMMERCIAL USE
+# ldap
# Authz
-# ldap NOT FREE FOR COMMERCIAL USE
+# ldap
# noop
searchguard:
@@ -59,7 +59,7 @@ searchguard:
# Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
#filtered_alias_mode: warn
#kibana:
- # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE
+ # Kibana multitenancy
# see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
# To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
#multitenancy_enabled: true
@@ -85,7 +85,7 @@ searchguard:
transport_enabled: false
order: 6
http_authenticator:
- type: kerberos # NOT FREE FOR COMMERCIAL USE
+ type: kerberos
challenge: true
config:
# If true a lot of kerberos/security related debugging output will be logged to standard out
@@ -150,7 +150,7 @@ searchguard:
challenge: false
authentication_backend:
# LDAP authentication backend (authenticate users against a LDAP or Active Directory)
- type: ldap # NOT FREE FOR COMMERCIAL USE
+ type: ldap
config:
# enable ldaps
enable_ssl: false
@@ -176,7 +176,7 @@ searchguard:
transport_enabled: false
authorization_backend:
# LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
- type: ldap # NOT FREE FOR COMMERCIAL USE
+ type: ldap
config:
# enable ldaps
enable_ssl: false
@@ -217,5 +217,5 @@ searchguard:
roles_from_another_ldap:
enabled: false
authorization_backend:
- type: ldap # NOT FREE FOR COMMERCIAL USE
+ type: ldap
#config goes here ...