Release Notes

• [2.1.1] Added in 2.1.1. The kibana4 role now grants access to the Field Stats API.
• [2.0.0] Added in 2.0.0. The permission on all the roles are updated to the verbose format to make it easier to enable field level and document level security. The transport_client role has been updated to work with Elasticsearch 2.0.0. The marvel_user role has been updated to work with Marvel 2.0 and a remote_marvel_agent role has been added. The kibana3 and marvel_agent roles have been removed.
• [1.1.0] Added in 1.1.0. kibana4_server role added that defines the minimum set of permissions necessary for the Kibana 4 server.
• [1.0.1] Added in 1.0.1. kibana4 role updated to work with new features in Kibana 4 RC1

Bug Fixes

• Enable document and field level security by default.
• Fix issues with message authentication on certain JDKs that do not support cloning message authentication codes.
• Built in realms no longer throw an exception if the Authorization header does not contain a basic authentication token.
• Ensure each tribe client node has the same shield configuration as defined in the settings.

New Features

• Shield plugin for Kibana: Secures user sessions and enables users to log in and out of Kibana. For information about installing the Shield plugin, see Using Kibana with Shield.

Bug Fixes

• Update requests (including within bulk requests) are blocked when document and field level security is enabled

Enhancements

• Adds support for Elasticssearch 2.1.2

Bug Fixes

• Disable the request cache when document level security is in use for a search request.
• Fix startup failures when using auditing and enabling network information output.
• Updated the kibana4 role to include the Field Stats API.

Breaking Changes

• Same as 2.0.1. Document and Field Level Security is now disabled by default. Set shield.dls_fls.enabled to true in elasticsearch.yml to enable it. You cannot submit _bulk update requests when document and field level security is enabled.

Enhancements

• Adds support for Elasticsearch 2.1.0.

Bug Fixes

• Disable the request cache when document level security is in use for a search request.

Breaking Changes

• Document and Field Level Security is now disabled by default. Set shield.dls_fls.enabled to true in elasticsearch.yml to enable it. You cannot submit _bulk update requests when document and field level security is enabled.

Breaking Changes

• All files that Shield uses must be kept in the configuration directory due to the enhanced security of Elasticsearch 2.0.
• The network format has been changed from all previous versions of Shield and a full cluster restart is required to upgrade to Shield 2.0.

New Features

• Document and Field Level Security support has been added and can be configured per role.
• Support for custom authentication realms has been added, allowing Shield to integrate with more authentication sources and methods.
• User impersonation support has also been added, which allows a user to send a request to elasticsearch that will be run with the specified user’s permissions.

Bug Fixes

• Auditing now captures requests from nodes using a different system key as tampered requests.
• The index output for auditing stores the type of request when available.
• esusers and syskeygen work when spaces are in the elasticsearch installation path.
• Fixed a rare issue where authentication fails even when the username and password are correct.

Bug Fixes

• Fixed a rare issue where authentication fails even when the username and password are correct.
• The index output for auditing stores the type of request when available.

Enhancements

• Tampered requests with a bad header are now audited.

Bug Fixes

• When using the LDAP user search mechanism, connection errors during startup no longer cause the node to stop.
• The Clear Cache API no longer generates invalid JSON.
• The index output for auditing starts properly when forwarding the audit events to a remote cluster and uses the correct user to index the audit events.

Bug Fixes

• Fixes message authentication serialization to work with Shield 1.2.1 and earlier.

  • NOTE: if you are upgrading from Shield 1.3.0 or Shield 1.2.2 a cluster restart upgrade will be necessary. When upgrading from other versions of Shield, follow the normal upgrade procedure.

Breaking Changes

• The sha2 and apr1 hashing algorithms have been removed as options for the cache.hash_algo setting. If your existing Shield installation uses either of these options, remove the setting and use the default ssha256 algorithm.
• The users file now only supports bcrypt password hashing. All existing passwords stored using the esusers tool have been hashed with bcrypt and are not affected.

New Features

• PKI Realm: Adds Public Key Infrastructure (PKI) authentication through the use of X.509 certificates in place of username and password credentials.
• Index Output for Audit Events: An index based output has been added for storing audit events in an Elasticsearch index.

Enhancements

• TLS 1.2 is now the default protocol.
• Clients that do not support pre-emptive basic authentication can now support both anonymous and authenticated access by specifying the shield.authc.anonymous.authz_exception setting with a value of false.
• Reduced logging for common SSL exceptions, such as a client closing the connection during a handshake.

Bug Fixes

• The esusers and syskeygen tools now work correctly with environment variables in the RPM and DEB installation environment files /etc/sysconfig/elasticsearch and /etc/default/elasticsearch.
• Default ciphers no longer include TLS_DHE_RSA_WITH_AES_128_CBC_SHA.

Bug Fixes

• Fixes message authentication serialization to work with Shield 1.2.1 and earlier.

  • NOTE: if you are upgrading from Shield 1.2.2 a cluster restart upgrade will be necessary. When upgrading from other versions of Shield, follow the normal upgrade procedure.

Bug Fixes

• The esusers tool no longer warns about missing roles that are properly defined in the roles.yml file.
• The period character, ., is now allowed in usernames and role names.
• The terms filter lookup cache has been disabled to ensure all requests are properly authorized. This removes the need to manually disable the terms filter cache.
• For LDAP client connections, only the protocols and ciphers specified in the shield.ssl.supported_protocols and shield.ssl.ciphers settings will be used.
• The auditing mechanism now logs authentication failed events when a request contains an invalid authentication token.

Bug Fixes

• Several bug fixes including a fix to ensure that Disk-based Shard Allocation works properly with Shield

Enhancements

• Adds support for Elasticsearch 1.5

Bug Fixes

• Several bug fixes including a fix to ensure that Disk-based Shard Allocation works properly with Shield

New Features

• LDAP:

  • Add the ability to bind as a specific user for LDAP searches, which removes the need to specify user_dn_templates. This mode of operation also makes use of connection pooling for better performance. Please see ldap user search for more information.
  • User distinguished names (DNs) can now be used for role mapping.

• Authentication:

  • Anonymous access is now supported (disabled by default).

• IP Filtering:

  • IP Filtering settings can now be dynamically updated using the Cluster Update Settings API.

Enhancements

• Significant memory footprint reduction of internal data structures
• Test if SSL/TLS ciphers are supported and warn if any of the specified ciphers are not supported
• Reduce the amount of logging when a non-encrypted connection is opened and https is being used
• Added the kibana4_server role, which is a role that contains the minimum set of permissions required for the Kibana 4 server.
• In-memory user credential caching hash algorithm defaults now to salted SHA-256 (see Cache hash algorithms

Bug Fixes

• Filter out sensitive settings from the settings APIs

Bug Fixes

• Filter out sensitive settings from the settings APIs
• Significant memory footprint reduction of internal data structures

Bug Fixes

• Fixed dependency issues with Elasticsearch 1.4.3 and (Lucene 4.10.3 that comes with it)
• Fixed bug in how user roles were handled. When multiple roles were defined for a user, and one of the roles only had cluster permissions, not all privileges were properly evaluated.
• Updated kibana4 permissions to be compatible with Kibana 4 RC1
• Ensure the mandatory base_dn settings is set in the ldap realm configuration