I am trying to implement a custom authentication realm for Elasticsearch, as documented at https://www.elastic.co/guide/en/elasticsearch/reference/current/custom-realms.html. I think I understand the basics, but I suspect there's some version differences between what I see in the documentation and what I'm able to get building.
Specifically, I followed the link to the sample custom realm and tried to implement an extension of the
org.elasticsearch.xpack.core.security.authc.Realm class. According to the sample code, I should be implementing a method with this signature:
public void authenticate(AuthenticationToken authToken, ActionListener<AuthenticationResult> listener)
But when I try to compile my code against the appropriate Elasticsearch jar files, it appears that it is instead expecting this signature:
public User authenticate(AuthenticationToken token)
There are other methods with similar signature mismatches as well. My assumption is that my build is using an old version of the
org.elasticsearch.xpack.core.security.authc.Realm class but I have been unable to confirm or correct the issue. I am building with Gradle, and the only way I seem to express my dependency on these classes is this:
compileOnly group:'org.elasticsearch.plugin', name:'x-pack-api', version: '5.6.1'
So clearly this is an old version of X-pack that doesn't seem to line up with current versions of Elasticsearch. But I can't seem to find newer release of the x-pack-api jar, nor can I find the classes it defines (including
org.elasticsearch.xpack.core.security.authc.Realm) in any other Elasticsearch-provided jar file.
What am I missing here? Is there documentation somewhere that describes what ES jar files I should depend on to create a custom realm? Or is the sample code in the above link out of date?
Thanks in advance for any help you can provide...