Skip to content

Adjust file realm docs #52471

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Feb 25, 2020
Merged

Adjust file realm docs #52471

merged 3 commits into from
Feb 25, 2020

Conversation

jkakavas
Copy link
Contributor

The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should only be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is a use case for the file realm but not the only intended one.

@jkakavas
Adjust file realm docs
9022623 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
@jkakavas jkakavas added >docs General docs changes >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Feb 18, 2020
@jkakavas jkakavas requested a review from lcawl February 18, 2020 11:57
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs (>docs)

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authentication)

@jkakavas jkakavas requested a review from tvernum February 18, 2020 11:57
lcawl
lcawl reviewed Feb 18, 2020
View reviewed changes
x-pack/docs/en/security/authentication/file-realm.asciidoc Outdated
The `file` realm is very useful as a fallback/recovery realm, for instance in cases where
the cluster is unresponsive or the security index is unavailable, or when you forget the
password for your administrative users.
In this type of scenarios, the `file` realm is a convenient way out - you can
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
In this type of scenarios, the `file` realm is a convenient way out - you can
In this type of scenario, the `file` realm is a convenient way out - you can

lcawl
lcawl reviewed Feb 18, 2020
View reviewed changes
x-pack/docs/en/security/authentication/file-realm.asciidoc Outdated
(no one remembers their username/password). In this type of scenarios, the `file`
realm is your only way out - you can define a new `admin` user in the `file` realm
and use it to log in and reset the credentials of all other users.
The `file` realm is very useful as a fallback/recovery realm, for instance in cases where
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not mandatory, but I prefer spelling out "/" and splitting this long sentence in two:

Suggested change
The `file` realm is very useful as a fallback/recovery realm, for instance in cases where
The `file` realm is very useful as a fallback or recovery realm. For example, use it in cases where

lcawl
lcawl approved these changes Feb 18, 2020
View reviewed changes
Copy link
Contributor

@lcawl lcawl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor comments, otherwise LGTM

tvernum
tvernum reviewed Feb 19, 2020
View reviewed changes
Copy link
Contributor

@tvernum tvernum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like this softens the wording too much

I think we can away people away from over using the file realm by explicitly point out the the file realm users cannot be retrieved from the API or the Kibana Security Management UI.

I can come up with some possible wording when I'm not on mobile.

@jkakavas
Copy link
Contributor Author

I feel like this softens the wording too much

Fair enough

I think we can away people away from over using the file realm by explicitly point out the the file realm users cannot be retrieved from the API or the Kibana Security Management UI.

I felt like the "important" above + the docs on the user APIs are enough, but you're probably right, I'll amend this to spell it out

@jkakavas
Copy link
Contributor Author

How about now @tvernum ?

@jkakavas jkakavas requested a review from tvernum February 21, 2020 08:47
tvernum
tvernum approved these changes Feb 25, 2020
View reviewed changes
Copy link
Contributor

@tvernum tvernum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks.

@jkakavas jkakavas merged commit abeb837 into elastic:master Feb 25, 2020
@jkakavas jkakavas mentioned this pull request Feb 25, 2020
Merged
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (elastic#52471)
6ca2c96 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (elastic#52471)
77ed55a 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
@jkakavas jkakavas mentioned this pull request Feb 25, 2020
Merged
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (elastic#52471)
b976785 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
@jkakavas jkakavas mentioned this pull request Feb 25, 2020
Merged
jkakavas added a commit that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (#52471) (#52747)
c1aed6f 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
jkakavas added a commit that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (#52471) (#52746)
4b1f3e4 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
jkakavas added a commit that referenced this pull request Feb 25, 2020
@jkakavas
Adjust file realm docs (#52471) (#52745)
e2aa5bc 
The existing wording in the file realm docs proved confusing
for users as it seemed to indicate that it should _only_ be
used as a fallback/recovery realm and that it is not a
first class realm.

This change attempts to clarify this and point out that recovery
is _a_ use case for the file realm but not the only intended one.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tvernum tvernum tvernum approved these changes

@lcawl lcawl lcawl approved these changes

Assignees

No one assigned

Labels

>docs General docs changes >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jkakavas @elasticmachine @tvernum @lcawl