Search Guard 6.x-23.2
Release Date: 20.11.2018
Fixes
Search Guard
- Maven would break the build if user- and group IDs are too long
- The license endpoint would falsely report a module version mismatch if some nodes have
http.enabled
set to false- In consequence, this leads to the Search Guard Kibana config GUI not being displayed
- https://github.com/floragunncom/search-guard/commit/47e32aafd8f4494c8ca3a6742d1c82337c1fc966
Field anonymization
- Update API disabled for all indices
- If a role had field anonymization enabled, the Elasticsearch update API was falsely disabled for all indices
- https://github.com/floragunncom/search-guard/pull/582
SAML
- SAML fails when IdP URL has query parameters
Features
Search Guard
- Java 11 compatibility
- This version of Search Guard is compatible with Java 11
- Experimental: TLSv1.3 compatibility
- Added TLSv1.3 via Java 11 JCE
- Support is experimental, do not use in production yet
- SSL only mode
- Search Guard SSL is not released as a separate plugin anymore
- This feature introduces an “SSL only” mode to Search Guard
- This disables all features exept REST and transport TLS, restoring the behaviour of the Search Guard SSL plugin
- https://github.com/floragunncom/search-guard/pull/573
- Allow snapshot and restore for the Search Guard index
- If enabled, regular users can snapshot and restore the Search Guard index
- https://github.com/floragunncom/search-guard/pull/574
- Allow user injection for OEM system integrators
- When bundling Search Guard with other products, this allows to inject a user directly via the ThreadContext
- https://github.com/floragunncom/search-guard/pull/567
REST API
- REST API: Partial updates via PATCH
- Makes it possible to update only parts of a resource via JSON patch
- https://github.com/floragunncom/search-guard-enterprise-modules/pull/10
- REST API: Bulk updates via PATCH
- It is now possible to insert and update more than one resource at once
- https://github.com/floragunncom/search-guard-enterprise-modules/pull/12
- REST API: Hide resources completely
- Resources can now be marked as “hidden”
- Hidden resources are not viewable or changeable
- This makes it possible to hide system users like kibanaserver or logstash from end user
- https://github.com/floragunncom/search-guard-enterprise-modules/pull/9