Java Code Examples for org.elasticsearch.common.settings.Settings#getGroups()
The following examples show how to use
org.elasticsearch.common.settings.Settings#getGroups() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: LDAPUserSearcher.java From deprecated-security-advanced-modules with Apache License 2.0 | 6 votes |
|
static List<Map.Entry<String, Settings>> getUserBaseSettings(Settings settings) {
Map<String, Settings> userBaseSettingsMap = new HashMap<>(
settings.getGroups(ConfigConstants.LDAP_AUTHCZ_USERS));
if (!userBaseSettingsMap.isEmpty()) {
if (settings.hasValue(ConfigConstants.LDAP_AUTHC_USERBASE)) {
throw new RuntimeException(
"Both old-style and new-style configuration defined for LDAP authentication backend: "
+ settings);
}
return Utils.getOrderedBaseSettings(userBaseSettingsMap);
} else {
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(ConfigConstants.LDAP_AUTHCZ_BASE,
settings.get(ConfigConstants.LDAP_AUTHC_USERBASE, DEFAULT_USERBASE));
settingsBuilder.put(ConfigConstants.LDAP_AUTHCZ_SEARCH,
settings.get(ConfigConstants.LDAP_AUTHC_USERSEARCH, DEFAULT_USERSEARCH_PATTERN));
return Collections.singletonList(Pair.of("_legacyConfig", settingsBuilder.build()));
}
}
Example 2
| Source File: LDAPAuthenticationBackend.java From deprecated-security-advanced-modules with Apache License 2.0 | 6 votes |
|
static List<Map.Entry<String, Settings>> getUserBaseSettings(Settings settings) {
Map<String, Settings> userBaseSettingsMap = new HashMap<>(
settings.getGroups(ConfigConstants.LDAP_AUTHCZ_USERS));
if (!userBaseSettingsMap.isEmpty()) {
if (settings.hasValue(ConfigConstants.LDAP_AUTHC_USERBASE)) {
throw new RuntimeException(
"Both old-style and new-style configuration defined for LDAP authentication backend: "
+ settings);
}
return Utils.getOrderedBaseSettings(userBaseSettingsMap);
} else {
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(ConfigConstants.LDAP_AUTHCZ_BASE,
settings.get(ConfigConstants.LDAP_AUTHC_USERBASE, DEFAULT_USERBASE));
settingsBuilder.put(ConfigConstants.LDAP_AUTHCZ_SEARCH,
settings.get(ConfigConstants.LDAP_AUTHC_USERSEARCH, DEFAULT_USERSEARCH_PATTERN));
return Collections.singletonList(Pair.of("_legacyConfig", settingsBuilder.build()));
}
}
Example 3
| Source File: ScriptModes.java From Elasticsearch with Apache License 2.0 | 6 votes |
|
private static void processEngineSpecificSettings(Settings settings, Map<String, ScriptEngineService> scriptEngines, ScriptContextRegistry scriptContextRegistry, Map<String, ScriptMode> scriptModes) {
Map<String, Settings> langGroupedSettings = settings.getGroups(ENGINE_SETTINGS_PREFIX, true);
for (Map.Entry<String, Settings> langSettings : langGroupedSettings.entrySet()) {
//read engine specific settings that refer to a non existing script lang will be ignored
ScriptEngineService scriptEngineService = scriptEngines.get(langSettings.getKey());
if (scriptEngineService != null) {
for (ScriptType scriptType : ScriptType.values()) {
String scriptTypePrefix = scriptType + ".";
for (ScriptContext scriptContext : scriptContextRegistry.scriptContexts()) {
ScriptMode scriptMode = getScriptContextMode(langSettings.getValue(), scriptTypePrefix, scriptContext);
if (scriptMode != null) {
addScriptMode(scriptEngineService, scriptType, scriptContext, scriptMode, scriptModes);
}
}
}
}
}
}
Example 4
| Source File: AwarenessAllocationDecider.java From Elasticsearch with Apache License 2.0 | 6 votes |
|
@Inject
public AwarenessAllocationDecider(Settings settings, NodeSettingsService nodeSettingsService) {
super(settings);
this.awarenessAttributes = settings.getAsArray(CLUSTER_ROUTING_ALLOCATION_AWARENESS_ATTRIBUTES);
forcedAwarenessAttributes = Maps.newHashMap();
Map<String, Settings> forceGroups = settings.getGroups(CLUSTER_ROUTING_ALLOCATION_AWARENESS_FORCE_GROUP);
for (Map.Entry<String, Settings> entry : forceGroups.entrySet()) {
String[] aValues = entry.getValue().getAsArray("values");
if (aValues.length > 0) {
forcedAwarenessAttributes.put(entry.getKey(), aValues);
}
}
nodeSettingsService.addListener(new ApplySettings());
}
Example 5
| Source File: LDAPAuthorizationBackend2.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
|
private static List<Map.Entry<String, Settings>> getRoleSearchSettings(Settings settings) {
Map<String, Settings> groupedSettings = settings.getGroups(ConfigConstants.LDAP_AUTHZ_ROLES, true);
if (!groupedSettings.isEmpty()) {
// New style settings
return Utils.getOrderedBaseSettings(groupedSettings);
} else {
// Old style settings
return convertOldStyleSettingsToNewStyle(settings);
}
}
Example 6
| Source File: LDAPAuthorizationBackend.java From deprecated-security-advanced-modules with Apache License 2.0 | 5 votes |
|
private static List<Map.Entry<String, Settings>> getRoleSearchSettings(Settings settings) {
Map<String, Settings> groupedSettings = settings.getGroups(ConfigConstants.LDAP_AUTHZ_ROLES, true);
if (!groupedSettings.isEmpty()) {
// New style settings
return Utils.getOrderedBaseSettings(groupedSettings);
} else {
// Old style settings
return convertOldStyleSettingsToNewStyle(settings);
}
}
Example 7
| Source File: AwarenessAllocationDecider.java From Elasticsearch with Apache License 2.0 | 5 votes |
|
@Override
public void onRefreshSettings(Settings settings) {
String[] awarenessAttributes = settings.getAsArray(CLUSTER_ROUTING_ALLOCATION_AWARENESS_ATTRIBUTES,
AwarenessAllocationDecider.this.settings.getAsArray(CLUSTER_ROUTING_ALLOCATION_AWARENESS_ATTRIBUTES));
if ("".equals(settings.get(CLUSTER_ROUTING_ALLOCATION_AWARENESS_ATTRIBUTES, null))) {
awarenessAttributes = Strings.EMPTY_ARRAY; // the empty string resets this
}
if (awarenessAttributes != null && !Arrays.equals(AwarenessAllocationDecider.this.awarenessAttributes, awarenessAttributes)) {
logger.info("updating [cluster.routing.allocation.awareness.attributes] from [{}] to [{}]", AwarenessAllocationDecider.this.awarenessAttributes, awarenessAttributes);
AwarenessAllocationDecider.this.awarenessAttributes = awarenessAttributes;
}
Map<String, String[]> forcedAwarenessAttributes = new HashMap<>();
Map<String, Settings> forceGroups = settings.getGroups(CLUSTER_ROUTING_ALLOCATION_AWARENESS_FORCE_GROUP);
if (forceGroups.isEmpty()) {
// check initial values (from config file)
forceGroups = AwarenessAllocationDecider.this.settings.getGroups(CLUSTER_ROUTING_ALLOCATION_AWARENESS_FORCE_GROUP);
}
if (!forceGroups.isEmpty()) {
for (Map.Entry<String, Settings> entry : forceGroups.entrySet()) {
String[] aValues = entry.getValue().getAsArray("values");
if (aValues.length > 0) {
forcedAwarenessAttributes.put(entry.getKey(), aValues);
}
}
}
AwarenessAllocationDecider.this.forcedAwarenessAttributes = forcedAwarenessAttributes;
}
Example 8
| Source File: Security.java From Elasticsearch with Apache License 2.0 | 5 votes |
|
static void addBindPermissions(Permissions policy, Settings settings) throws IOException {
// http is simple
String httpRange = settings.get("http.netty.port",
settings.get("http.port",
NettyHttpServerTransport.DEFAULT_PORT_RANGE));
// listen is always called with 'localhost' but use wildcard to be sure, no name service is consulted.
// see SocketPermission implies() code
policy.add(new SocketPermission("*:" + httpRange, "listen,resolve"));
// transport is waaaay overengineered
Map<String, Settings> profiles = settings.getGroups("transport.profiles", true);
if (!profiles.containsKey(NettyTransport.DEFAULT_PROFILE)) {
profiles = new HashMap<>(profiles);
profiles.put(NettyTransport.DEFAULT_PROFILE, Settings.EMPTY);
}
// loop through all profiles and add permissions for each one, if its valid.
// (otherwise NettyTransport is lenient and ignores it)
for (Map.Entry<String, Settings> entry : profiles.entrySet()) {
Settings profileSettings = entry.getValue();
String name = entry.getKey();
String transportRange = profileSettings.get("port",
settings.get("transport.tcp.port",
NettyTransport.DEFAULT_PORT_RANGE));
// a profile is only valid if its the default profile, or if it has an actual name and specifies a port
boolean valid = NettyTransport.DEFAULT_PROFILE.equals(name) || (Strings.hasLength(name) && profileSettings.get("port") != null);
if (valid) {
// listen is always called with 'localhost' but use wildcard to be sure, no name service is consulted.
// see SocketPermission implies() code
policy.add(new SocketPermission("*:" + transportRange, "listen,resolve"));
}
}
}
Example 9
| Source File: CustomRealm.java From shield-custom-realm-example with Apache License 2.0 | 5 votes |
|
/**
* Utility method to extract a user from the realm's settings
* @param settings the settings of the realm. This is not the node's settings
* @return a {@link Map} of the usernames to the information about the user
*/
private static Map<String, InfoHolder> parseUsersMap(Settings settings) {
Map<String, Settings> usersSerttings = settings.getGroups("users");
Map<String, InfoHolder> usersMap = new HashMap<>(usersSerttings.size());
for (Entry<String, Settings> entry : usersSerttings.entrySet()) {
Settings userSettings = entry.getValue();
String username = entry.getKey();
String password = userSettings.get("password");
if (Strings.isEmpty(password)) {
throw new IllegalArgumentException("password must be specified for user [" + username + "]");
}
usersMap.put(username, new InfoHolder(password, userSettings.getAsList("roles").toArray(new String[] {})));
}
return Collections.unmodifiableMap(usersMap);
}
Example 10
| Source File: GcMonitor.java From elasticsearch-helper with Apache License 2.0 | 5 votes |
|
public GcMonitor(Settings settings) {
this.enabled = settings.getAsBoolean("monitor.gc.enabled", false);
TimeValue interval = settings.getAsTime("monitor.gc.interval", timeValueSeconds(1));
this.gcThresholds = new HashMap<>();
Map<String, Settings> gcThresholdGroups = settings.getGroups("monitor.gc.level");
for (Map.Entry<String, Settings> entry : gcThresholdGroups.entrySet()) {
String name = entry.getKey();
TimeValue warn = entry.getValue().getAsTime("warn", null);
TimeValue info = entry.getValue().getAsTime("info", null);
TimeValue debug = entry.getValue().getAsTime("debug", null);
if (warn == null || info == null || debug == null) {
logger.warn("ignoring gc_threshold for [{}], missing warn/info/debug values", name);
} else {
gcThresholds.put(name, new GcThreshold(name, warn.millis(), info.millis(), debug.millis()));
}
}
if (!gcThresholds.containsKey(JvmInfo.YOUNG)) {
gcThresholds.put(JvmInfo.YOUNG, new GcThreshold(JvmInfo.YOUNG, 1000, 700, 400));
}
if (!gcThresholds.containsKey(JvmInfo.OLD)) {
gcThresholds.put(JvmInfo.OLD, new GcThreshold(JvmInfo.OLD, 10000, 5000, 2000));
}
if (!gcThresholds.containsKey("default")) {
gcThresholds.put("default", new GcThreshold("default", 10000, 5000, 2000));
}
logger.debug("enabled [{}], interval [{}], gc_threshold [{}]", enabled, interval, this.gcThresholds);
if (enabled) {
scheduledFuture = Executors.newSingleThreadScheduledExecutor().scheduleWithFixedDelay(new GcMonitorThread(), 0L, interval.seconds(), TimeUnit.SECONDS);
}
}
Example 11
| Source File: ThreadPool.java From Elasticsearch with Apache License 2.0 | 4 votes |
|
private Map<String, Settings> getThreadPoolSettingsGroup(Settings settings) {
Map<String, Settings> groupSettings = settings.getGroups(THREADPOOL_GROUP);
validate(groupSettings);
return groupSettings;
}
Example 12
| Source File: OpenShiftTokenAuthentication.java From openshift-elasticsearch-plugin with Apache License 2.0 | 4 votes |
|
public OpenShiftTokenAuthentication(final Settings settings) {
sars = settings.getGroups("subjectAccessReviews");
PluginServiceFactory.setBackendRoleRetriever(this);
}
