diff options
-rw-r--r-- | charts/aai-elasticsearch/resources/config/sg/sg_config.yml | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml index 3fefe16..9172b71 100644 --- a/charts/aai-elasticsearch/resources/config/sg/sg_config.yml +++ b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml @@ -37,19 +37,19 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL +# kerberos (challenging) # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL +# jwt (not challenging) # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # Authz -# ldap NOT FREE FOR COMMERCIAL USE +# ldap # noop searchguard: @@ -59,7 +59,7 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE + # Kibana multitenancy # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -85,7 +85,7 @@ searchguard: transport_enabled: false order: 6 http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE + type: kerberos challenge: true config: # If true a lot of kerberos/security related debugging output will be logged to standard out @@ -150,7 +150,7 @@ searchguard: challenge: false authentication_backend: # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -176,7 +176,7 @@ searchguard: transport_enabled: false authorization_backend: # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap config: # enable ldaps enable_ssl: false @@ -217,5 +217,5 @@ searchguard: roles_from_another_ldap: enabled: false authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE + type: ldap #config goes here ... |