Shield embedded integration tests support

security

(avibh) #1

Hi,

I've been using elasticsearch as a local (embedded) node for my integration tests through the following code

Node node = nodeBuilder().local(true).node();
Client client = node.client();
return client;

now that Shield is on board I want to run my tests with user authorization.
how do I run my embedded ES with Shield?
currently I'm using ES 1.5.1, not planning on moving to 2.0beta yet.

thanks


(Jay Modi) #2

Hi,

When using Shield, the local transport is not supported and we recommend using a transport client to connect to the cluster. Additionally, with Shield you will need to add a user for your tests or provide some configuration around authentication such as LDAP and role mapping depending on what you would like to test.

I would suggest that your test start up a node with the appropriate settings and then you can create a transport client to connect to the node in your test. If you plan to use the esusers realm, you can pre-populate the users and users_roles files and then configure the esusers realm to use those files. Additionally, you will also need a roles.yml file with the role definitions that you wish to use and that location can be configured via the shield.authz.store.file.roles setting.


(system) #3