Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add metadata to exception when ApiKey/Token services are not enabled #52311

Closed
tvernum opened this issue Feb 13, 2020 · 1 comment · Fixed by #52811
Closed

Add metadata to exception when ApiKey/Token services are not enabled #52311

tvernum opened this issue Feb 13, 2020 · 1 comment · Fixed by #52811
Labels
:Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)

Comments

@tvernum
Copy link
Contributor

tvernum commented Feb 13, 2020
edited
Loading

Replaces: #51585
Relates: elastic/kibana#55255

There are cases where the ApiKeyService and TokenService throw exceptions if they are disabled (e.g. you cannot list API Keys, or create an API Key if the service is disabled).

In these cases we should add a metadata field to the thrown exception (e.g. "es.disabled.feature" : "API-Key-Service") so that consumers of the REST API can detect this root cause without needing to parse error messages.
@tvernum tvernum added the :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) label Feb 13, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authentication)

This was referenced Feb 13, 2020
Closed
Closed
tvernum added a commit to tvernum/elasticsearch that referenced this issue Feb 26, 2020
@tvernum
Add exception metadata for disabled features
77bdebe 
This change adds a new exception with consistent metadata for when
security features are not enabled. This allows clients to be able to
tell that an API failed due to a configuration option, and respond
accordingly.

Relates: kibana#55255
Resolves: elastic#52311
@tvernum tvernum mentioned this issue Feb 26, 2020
Merged
@pmuellr pmuellr mentioned this issue Mar 4, 2020
Closed
tvernum added a commit that referenced this issue Mar 5, 2020
@tvernum
Add exception metadata for disabled features (#52811)
f5ba0f6 
This change adds a new exception with consistent metadata for when
security features are not enabled. This allows clients to be able to
tell that an API failed due to a configuration option, and respond
accordingly.

Relates: kibana#55255
Resolves: #52311, #47759
tvernum added a commit to tvernum/elasticsearch that referenced this issue Mar 23, 2020
@tvernum
Add exception metadata for disabled features
49979a0 
This change adds a new exception with consistent metadata for when
security features are not enabled. This allows clients to be able to
tell that an API failed due to a configuration option, and respond
accordingly.

Relates: kibana#55255
Resolves: elastic#52311, elastic#47759

Backport of: elastic#52811
@tvernum tvernum mentioned this issue Mar 23, 2020
Merged
tvernum added a commit that referenced this issue Mar 23, 2020
@tvernum
Add exception metadata for disabled features (#53941)
f003a41 
This change adds a new exception with consistent metadata for when
security features are not enabled. This allows clients to be able to
tell that an API failed due to a configuration option, and respond
accordingly.

Relates: kibana#55255
Resolves: #52311, #47759

Backport of: #52811
@jportner jportner mentioned this issue Mar 23, 2020
Open
@codebrain codebrain mentioned this issue Apr 1, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
:Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add exception metadata for disabled features tvernum/elasticsearch
2 participants
@tvernum @elasticmachine