remove commercial notice

remove non-commercial in use only notice Issue-ID: CLAMP-508 Change-Id: Idcd72e114b4af720497f26f7f7fdd2768f3fb51d Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
author: osgn422w <gervais-martial.ngueko@intl.att.com> 2019-09-18 17:32:52 +0200
committer: osgn422w <gervais-martial.ngueko@intl.att.com> 2019-09-18 17:32:52 +0200
commit: 2d56950c51545130153b39723919cae2d82c41b2 (patch)
tree: fe58f59faadbfc63c1dae0b24ea3f10bcefe6437
parent: aac02f37788a5afad69211b651458a27e14a1707 (diff)
2 files changed, 0 insertions, 104 deletions
diff --git a/src/main/docker/elasticsearch/config/sg/sg_config.yml b/src/main/docker/elasticsearch/config/sg/sg_config.yml
index 7d3a933f..1caeb1dd 100644
--- a/src/main/docker/elasticsearch/config/sg/sg_config.yml
+++ b/src/main/docker/elasticsearch/config/sg/sg_config.yml
@@ -37,19 +37,15 @@
 # HTTP
 #   basic (challenging)
 #   proxy (not challenging, needs xff)
-#   kerberos (challenging) NOT FREE FOR COMMERCIAL
 #   clientcert (not challenging, needs https)
-#   jwt (not challenging) NOT FREE FOR COMMERCIAL
 #   host (not challenging) #DEPRECATED, will be removed in a future version.
 #                           host based authentication is configurable in sg_roles_mapping
 
 # Authc
 #   internal
 #   noop
-#   ldap  NOT FREE FOR COMMERCIAL USE
 
 # Authz
-#   ldap  NOT FREE FOR COMMERCIAL USE
 #   noop
 
 searchguard:
@@ -59,7 +55,6 @@ searchguard:
     # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
     #filtered_alias_mode: warn
     #kibana:
-      # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE
       # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
       # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
       #multitenancy_enabled: true
@@ -80,20 +75,6 @@ searchguard:
         ###### and here https://tools.ietf.org/html/rfc7239
         ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
     authc:
-      kerberos_auth_domain: 
-        http_enabled: false
-        transport_enabled: false
-        order: 6
-        http_authenticator:
-          type: kerberos # NOT FREE FOR COMMERCIAL USE
-          challenge: true
-          config:
-            # If true a lot of kerberos/security related debugging output will be logged to standard out
-            krb_debug: false
-            # If true then the realm will be stripped from the user name
-            strip_realm_from_principal: true
-        authentication_backend:
-          type: noop
       basic_internal_auth_domain: 
         http_enabled: true
         transport_enabled: true
@@ -141,84 +122,7 @@ searchguard:
           challenge: false
         authentication_backend:
           type: noop
-      ldap:
-        http_enabled: false
-        transport_enabled: false
-        order: 5
-        http_authenticator:
-          type: basic
-          challenge: false
-        authentication_backend:
-          # LDAP authentication backend (authenticate users against a LDAP or Active Directory)
-          type: ldap # NOT FREE FOR COMMERCIAL USE
-          config:
-            # enable ldaps
-            enable_ssl: false
-            # enable start tls, enable_ssl should be false
-            enable_start_tls: false
-            # send client certificate
-            enable_ssl_client_auth: false
-            # verify ldap hostname
-            verify_hostnames: true
-            hosts:
-              - localhost:8389
-            bind_dn: null
-            password: null
-            userbase: 'ou=people,dc=example,dc=com'
-            # Filter to search for users (currently in the whole subtree beneath userbase)
-            # {0} is substituted with the username 
-            usersearch: '(sAMAccountName={0})'
-            # Use this attribute from the user as username (if not set then DN is used)
-            username_attribute: null
     authz:    
-      roles_from_myldap:
-        http_enabled: false
-        transport_enabled: false
-        authorization_backend:
-          # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
-          type: ldap # NOT FREE FOR COMMERCIAL USE
-          config:
-            # enable ldaps
-            enable_ssl: false
-            # enable start tls, enable_ssl should be false
-            enable_start_tls: false
-            # send client certificate
-            enable_ssl_client_auth: false
-            # verify ldap hostname
-            verify_hostnames: true
-            hosts:
-              - localhost:8389
-            bind_dn: null
-            password: null
-            rolebase: 'ou=groups,dc=example,dc=com'
-            # Filter to search for roles (currently in the whole subtree beneath rolebase)
-            # {0} is substituted with the DN of the user
-            # {1} is substituted with the username 
-            # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute            
-            rolesearch: '(member={0})'
-            # Specify the name of the attribute which value should be substituted with {2} above
-            userroleattribute: null
-            # Roles as an attribute of the user entry
-            userrolename: disabled
-            #userrolename: memberOf
-            # The attribute in a role entry containing the name of that role, Default is "name".
-            # Can also be "dn" to use the full DN as rolename.
-            rolename: cn
-            # Resolve nested roles transitive (roles which are members of other roles and so on ...)
-            resolve_nested_roles: true
-            userbase: 'ou=people,dc=example,dc=com'
-            # Filter to search for users (currently in the whole subtree beneath userbase)
-            # {0} is substituted with the username 
-            usersearch: '(uid={0})'
-            # Skip users matching a user name, a wildcard or a regex pattern
-            #skip_users: 
-            #  - 'cn=Michael Jackson,ou*people,o=TEST'
-            #  - '/\S*/'    
-      roles_from_another_ldap:
-        enabled: false
-        authorization_backend:
-          type: ldap # NOT FREE FOR COMMERCIAL USE
-          #config goes here ...
 #    auth_failure_listeners:
 #      ip_rate_limiting:
 #        type: ip
diff --git a/src/main/docker/elasticsearch/config/sg/sg_roles.yml b/src/main/docker/elasticsearch/config/sg/sg_roles.yml
index 6902fba2..9f391eb8 100644
--- a/src/main/docker/elasticsearch/config/sg/sg_roles.yml
+++ b/src/main/docker/elasticsearch/config/sg/sg_roles.yml
@@ -33,14 +33,6 @@
 # Workaround: Just configure something like '?kibana' instead of '.kibana' or 'my?index' instead of 'my.index'
 # This limitation will likely removed with Search Guard 6
 
-# DLS (Document level security) - NOT FREE FOR COMMERCIAL
-# http://docs.search-guard.com/v6/document-level-security
-
-# FLS (Field level security) - NOT FREE FOR COMMERCIAL
-# http://docs.search-guard.com/v6/field-level-security
-
-# Kibana multitenancy - NOT FREE FOR COMMERCIAL
-# http://docs.search-guard.com/v6/kibana-multi-tenancy
 
 # Allows everything, but no changes to searchguard configuration index
 sg_all_access:
author	osgn422w <gervais-martial.ngueko@intl.att.com>	2019-09-18 17:32:52 +0200
committer	osgn422w <gervais-martial.ngueko@intl.att.com>	2019-09-18 17:32:52 +0200
commit	2d56950c51545130153b39723919cae2d82c41b2 (patch)
tree	fe58f59faadbfc63c1dae0b24ea3f10bcefe6437
parent	aac02f37788a5afad69211b651458a27e14a1707 (diff)