elastic/elasticsearch

Do not allow setting xpack.security.user when running as a node

Open

#29,751 opened on Feb 10, 2017

View on GitHub
 (4 comments) (0 reactions) (0 assignees)Java (25,882 forks)batch import
:Security/Security>enhancementTeam:Securityhelp wanted

Repository metrics

Stars
 (76,700 stars)
PR merge metrics
 (Avg merge 2d) (1,000 merged PRs in 30d)

Description

Original comment by @jaymode:

I think we've thought about this but never did anything about it because we used shield.user in the test framework. In master we no longer use shield.user for node clients and we should probably fail on startup if someone sets shield.user and isn't running as a transport client.

Contributor guide