Comments (4)
@derek-ho The security-dashboards-plugin has multiple responsibilities, but I disagree that its tightly coupled. Whichever plugin manages the session needs to be aware of the same security model that the pages in the security-dashboards-plugin reveal. I think of the responsibilities like this:
- Session Management (Log in screen, log out, cookie management and user info) - These features are required for the security dashboards plugin to have a functioning instance of OSD coupled to a cluster running with the security plugin enabled
- Security Admin Pages - This can be thought of as optional and really a convenience for configuring security through dashboards. An admin can always directly use the security APIs or securityadmin to manage security in the cluster.
For 2), I suppose you can think of it like an admin-portal
plugin. In order for OSD to function with an OpenSearch backend with the security plugin installed 1) is a requirement and 2) is for convenience.
from security-dashboards-plugin.
Thanks for the response @cwperks ! I guess I was getting more at the fact that it is tightly coupled because it is bundled as part of the same plugin. Another use case in which this might be useful is if in multiple datasources, and users want to configure audit logging, but do not want the other features of the security plugin. We should still allow users to turn off the cookies/session management since it may not apply in that case.
from security-dashboards-plugin.
[Triage] Looks like there is not any comments on this so will not mark it as triaged just yet. We can review this in next weeks meeting and close it if there is no need for it.
from security-dashboards-plugin.
@derek-ho would you provide an update on how you would like this issue to be addressed at this point? Thank you.
from security-dashboards-plugin.
Related Issues (20)
- Permissions on the UI are not displayed in the index permissions category [BUG] HOT 2
- [BUG] Add security_tenant parameter for short links HOT 5
- [FEATURE] Support Version Decoupling in Security Dashboards Plugin HOT 1
- Using Combobox for Backend Role Mapping HOT 2
- Security Plugin - OpenID Connect Authentication returns 401 Unauthorized since 2.14 HOT 12
- [AUTOCUT] Distribution Build Failed for securityDashboards-2.15.0 HOT 6
- [AUTOCUT] Integration Test failed for securityDashboards: 1.3.17 HOT 5
- [BUG] Tenancy should be automatically switched to user's default tenant when the user does not have access to the tenant read from a cookie HOT 1
- [BUG / CI] Investigate OIDC Cypress E2E test failures on 2.x CI runs HOT 1
- Different indexes are accessed depending on the tenant HOT 3
- [FEATURE] security_authentication cookie lacks SameSite attribute
- [RELEASE] Release version 2.15.0 HOT 2
- [AUTOCUT] Integration Test failed for securityDashboards: 2.15.0 HOT 9
- [RELEASE] Release version 2.16.0 HOT 2
- [Enhancement] Remove service account code in main HOT 2
- [FEATURE] Deprecate/remove aggregation view HOT 1
- [FEATURE] Support JDK 21 for main branch HOT 1
- [BUG] Remove AOSS data sources from the data source picker HOT 1
- [AUTOCUT] Integration Test failed for securityDashboards: 2.15.0 HOT 6
- [BUG] Missing OIDC refresh token calls in case of expired id token HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-dashboards-plugin.