How the SearchGuard is Actually Storing the Data ? Is it storing data inside searchguard index ?

Hello All,

I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it’s creating index called searchguard, but whenever I tried to look into that index I didn’t get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It’s getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it’s strong in searchguard index, then How Can I retrieve those data ?

Let me know if any one need further clarifications. Your help will be really appreciated.

Here is the mapping of searchguard index :

{

“searchguard”: {

“mappings”: {

“internalusers”: {

“properties”: {

“admin”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“dlsflsuser”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“kibanaro”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“kibanaserver”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“kirk”: {

“properties”: {

“hash”: {

“type”: “string”

},

“roles”: {

“type”: “string”

}

}

},

“logstash”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“mister_picard”: {

“properties”: {

“hash”: {

“type”: “string”

},

“username”: {

“type”: “string”

}

}

},

“readall”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“spock”: {

“properties”: {

“hash”: {

“type”: “string”

},

“roles”: {

“type”: “string”

}

}

},

“test”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

},

“worf”: {

“properties”: {

“hash”: {

“type”: “string”

}

}

}

}

},

“roles”: {

“properties”: {

“sg_all_access”: {

“properties”: {

“cluster”: {

“type”: “string”

},

“indices”: {

“properties”: {

“*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_kibana4”: {

“properties”: {

“indices”: {

“properties”: {

“*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

},

“?kibana”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_kibana4_server”: {

“properties”: {

“cluster”: {

“type”: “string”

},

“indices”: {

“properties”: {

“?kibana”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_kibana4_testindex”: {

“properties”: {

“indices”: {

“properties”: {

“?kibana”: {

“properties”: {

“*”: {

“type”: “string”

}

}

},

“test*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_logstash”: {

“properties”: {

“cluster”: {

“type”: “string”

},

“indices”: {

“properties”: {

beat”: {

“properties”: {

“*”: {

“type”: “string”

}

}

},

“logstash-*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_readall”: {

“properties”: {

“indices”: {

“properties”: {

“*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_readonly_and_monitor”: {

“properties”: {

“cluster”: {

“type”: “string”

},

“indices”: {

“properties”: {

“*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_readonly_dlsfls”: {

“properties”: {

“indices”: {

“properties”: {

“/\S*/”: {

“properties”: {

“*”: {

“type”: “string”

},

dls”: {

“type”: “string”

},

fls”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_role_starfleet”: {

“properties”: {

“indices”: {

“properties”: {

“pub*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

},

“sf”: {

“properties”: {

“alumni”: {

“type”: “string”

},

“public”: {

“type”: “string”

},

“ships”: {

“type”: “string”

},

“students”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_role_starfleet_captains”: {

“properties”: {

“cluster”: {

“type”: “string”

},

“indices”: {

“properties”: {

“pub*”: {

“properties”: {

“*”: {

“type”: “string”

}

}

},

“sf”: {

“properties”: {

“*”: {

“type”: “string”

}

}

}

}

}

}

},

“sg_transport_client”: {

“properties”: {

“cluster”: {

“type”: “string”

}

}

}

}

},

“config”: {

“properties”: {

“searchguard”: {

“properties”: {

“dynamic”: {

“properties”: {

“authc”: {

“properties”: {

“basic_internal_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“clientcert_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“host_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“jwt_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“config”: {

“properties”: {

“jwt_header”: {

“type”: “string”

},

“signing_key”: {

“type”: “string”

}

}

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“kerberos_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“config”: {

“properties”: {

“acceptor_principal”: {

“type”: “string”

},

“krb_debug”: {

“type”: “boolean”

},

“strip_realm_from_principal”: {

“type”: “boolean”

}

}

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“ldap”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“config”: {

“properties”: {

“enable_ssl”: {

“type”: “boolean”

},

“enable_ssl_client_auth”: {

“type”: “boolean”

},

“enable_start_tls”: {

“type”: “boolean”

},

“hosts”: {

“type”: “string”

},

“userbase”: {

“type”: “string”

},

“usersearch”: {

“type”: “string”

},

“verify_hostnames”: {

“type”: “boolean”

}

}

},

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

},

“proxy_auth_domain”: {

“properties”: {

“authentication_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

},

“http_authenticator”: {

“properties”: {

“challenge”: {

“type”: “boolean”

},

“config”: {

“properties”: {

“roles_header”: {

“type”: “string”

},

“user_header”: {

“type”: “string”

}

}

},

“type”: {

“type”: “string”

}

}

},

“order”: {

“type”: “long”

}

}

}

}

},

“authz”: {

“properties”: {

“roles_from_another_ldap”: {

“properties”: {

“authorization_backend”: {

“properties”: {

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

}

}

},

“roles_from_myldap”: {

“properties”: {

“authorization_backend”: {

“properties”: {

“config”: {

“properties”: {

“enable_ssl”: {

“type”: “boolean”

},

“enable_ssl_client_auth”: {

“type”: “boolean”

},

“enable_start_tls”: {

“type”: “boolean”

},

“hosts”: {

“type”: “string”

},

“resolve_nested_roles”: {

“type”: “boolean”

},

“rolebase”: {

“type”: “string”

},

“rolename”: {

“type”: “string”

},

“rolesearch”: {

“type”: “string”

},

“userbase”: {

“type”: “string”

},

“userrolename”: {

“type”: “string”

},

“usersearch”: {

“type”: “string”

},

“verify_hostnames”: {

“type”: “boolean”

}

}

},

“type”: {

“type”: “string”

}

}

},

“enabled”: {

“type”: “boolean”

}

}

}

}

},

“http”: {

“properties”: {

“anonymous_auth_enabled”: {

“type”: “boolean”

},

“xff”: {

“properties”: {

“enabled”: {

“type”: “boolean”

},

“internalProxies”: {

“type”: “string”

},

“proxiesHeader”: {

“type”: “string”

},

“remoteIpHeader”: {

“type”: “string”

}

}

}

}

}

}

}

}

}

}

},

“rolesmapping”: {

“properties”: {

“sg_all_access”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_kibana4”: {

“properties”: {

“backendroles”: {

“type”: “string”

},

“users”: {

“type”: “string”

}

}

},

“sg_kibana4_server”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_kibana4_testindex”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_logstash”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_public”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_readall”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_readonly_dlsfls”: {

“properties”: {

“users”: {

“type”: “string”

}

}

},

“sg_role_klingons1”: {

“properties”: {

“backendroles”: {

“type”: “string”

},

“hosts”: {

“type”: “string”

},

“users”: {

“type”: “string”

}

}

},

“sg_role_starfleet”: {

“properties”: {

“backendroles”: {

“type”: “string”

},

“hosts”: {

“type”: “string”

},

“users”: {

“type”: “string”

}

}

},

“sg_role_starfleet_captains”: {

“properties”: {

“backendroles”: {

“type”: “string”

}

}

}

}

},

“actiongroups”: {

“properties”: {

“ALL”: {

“type”: “string”

},

“CLUSTER_ALL”: {

“type”: “string”

},

“CLUSTER_MONITOR”: {

“type”: “string”

},

“CREATE_INDEX”: {

“type”: “string”

},

“CRUD”: {

“type”: “string”

},

“DATA_ACCESS”: {

“type”: “string”

},

“DELETE”: {

“type”: “string”

},

“GET”: {

“type”: “string”

},

“INDEX”: {

“type”: “string”

},

“MANAGE”: {

“type”: “string”

},

“MANAGE_ALIASES”: {

“type”: “string”

},

“MONITOR”: {

“type”: “string”

},

“READ”: {

“type”: “string”

},

“SEARCH”: {

“type”: “string”

},

“SUGGEST”: {

“type”: “string”

},

“WRITE”: {

“type”: “string”

}

}

}

}

}

}…

``

Magic happens here: https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java

···

Am 06.07.2016 um 14:50 schrieb 'Hardik Bhut' via Search Guard <search-guard@googlegroups.com>:

Hello All,

I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it's creating index called searchguard, but whenever I tried to look into that index I didn't get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It's getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it's strong in searchguard index, then How Can I retrieve those data ?

Let me know if any one need further clarifications. Your help will be really appreciated.

Here is the mapping of searchguard index :
{
   "searchguard": {
      "mappings": {
         "internalusers": {
            "properties": {
               "admin": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "dlsflsuser": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "kibanaro": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "kibanaserver": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "kirk": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     },
                     "roles": {
                        "type": "string"
                     }
                  }
               },
               "logstash": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "mister_picard": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     },
                     "username": {
                        "type": "string"
                     }
                  }
               },
               "readall": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "spock": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     },
                     "roles": {
                        "type": "string"
                     }
                  }
               },
               "test": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               },
               "worf": {
                  "properties": {
                     "hash": {
                        "type": "string"
                     }
                  }
               }
            }
         },
         "roles": {
            "properties": {
               "sg_all_access": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     },
                     "indices": {
                        "properties": {
                           "*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_kibana4": {
                  "properties": {
                     "indices": {
                        "properties": {
                           "*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           },
                           "?kibana": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_kibana4_server": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     },
                     "indices": {
                        "properties": {
                           "?kibana": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_kibana4_testindex": {
                  "properties": {
                     "indices": {
                        "properties": {
                           "?kibana": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           },
                           "test*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_logstash": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     },
                     "indices": {
                        "properties": {
                           "*beat*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           },
                           "logstash-*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_readall": {
                  "properties": {
                     "indices": {
                        "properties": {
                           "*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_readonly_and_monitor": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     },
                     "indices": {
                        "properties": {
                           "*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_readonly_dlsfls": {
                  "properties": {
                     "indices": {
                        "properties": {
                           "/\\S*/": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 },
                                 "_dls_": {
                                    "type": "string"
                                 },
                                 "_fls_": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_role_starfleet": {
                  "properties": {
                     "indices": {
                        "properties": {
                           "pub*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           },
                           "sf": {
                              "properties": {
                                 "alumni": {
                                    "type": "string"
                                 },
                                 "public": {
                                    "type": "string"
                                 },
                                 "ships": {
                                    "type": "string"
                                 },
                                 "students": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_role_starfleet_captains": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     },
                     "indices": {
                        "properties": {
                           "pub*": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           },
                           "sf": {
                              "properties": {
                                 "*": {
                                    "type": "string"
                                 }
                              }
                           }
                        }
                     }
                  }
               },
               "sg_transport_client": {
                  "properties": {
                     "cluster": {
                        "type": "string"
                     }
                  }
               }
            }
         },
         "config": {
            "properties": {
               "searchguard": {
                  "properties": {
                     "dynamic": {
                        "properties": {
                           "authc": {
                              "properties": {
                                 "basic_internal_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "clientcert_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "host_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "jwt_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "config": {
                                                "properties": {
                                                   "jwt_header": {
                                                      "type": "string"
                                                   },
                                                   "signing_key": {
                                                      "type": "string"
                                                   }
                                                }
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "kerberos_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "config": {
                                                "properties": {
                                                   "acceptor_principal": {
                                                      "type": "string"
                                                   },
                                                   "krb_debug": {
                                                      "type": "boolean"
                                                   },
                                                   "strip_realm_from_principal": {
                                                      "type": "boolean"
                                                   }
                                                }
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "ldap": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "config": {
                                                "properties": {
                                                   "enable_ssl": {
                                                      "type": "boolean"
                                                   },
                                                   "enable_ssl_client_auth": {
                                                      "type": "boolean"
                                                   },
                                                   "enable_start_tls": {
                                                      "type": "boolean"
                                                   },
                                                   "hosts": {
                                                      "type": "string"
                                                   },
                                                   "userbase": {
                                                      "type": "string"
                                                   },
                                                   "usersearch": {
                                                      "type": "string"
                                                   },
                                                   "verify_hostnames": {
                                                      "type": "boolean"
                                                   }
                                                }
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 },
                                 "proxy_auth_domain": {
                                    "properties": {
                                       "authentication_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "http_authenticator": {
                                          "properties": {
                                             "challenge": {
                                                "type": "boolean"
                                             },
                                             "config": {
                                                "properties": {
                                                   "roles_header": {
                                                      "type": "string"
                                                   },
                                                   "user_header": {
                                                      "type": "string"
                                                   }
                                                }
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "order": {
                                          "type": "long"
                                       }
                                    }
                                 }
                              }
                           },
                           "authz": {
                              "properties": {
                                 "roles_from_another_ldap": {
                                    "properties": {
                                       "authorization_backend": {
                                          "properties": {
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       }
                                    }
                                 },
                                 "roles_from_myldap": {
                                    "properties": {
                                       "authorization_backend": {
                                          "properties": {
                                             "config": {
                                                "properties": {
                                                   "enable_ssl": {
                                                      "type": "boolean"
                                                   },
                                                   "enable_ssl_client_auth": {
                                                      "type": "boolean"
                                                   },
                                                   "enable_start_tls": {
                                                      "type": "boolean"
                                                   },
                                                   "hosts": {
                                                      "type": "string"
                                                   },
                                                   "resolve_nested_roles": {
                                                      "type": "boolean"
                                                   },
                                                   "rolebase": {
                                                      "type": "string"
                                                   },
                                                   "rolename": {
                                                      "type": "string"
                                                   },
                                                   "rolesearch": {
                                                      "type": "string"
                                                   },
                                                   "userbase": {
                                                      "type": "string"
                                                   },
                                                   "userrolename": {
                                                      "type": "string"
                                                   },
                                                   "usersearch": {
                                                      "type": "string"
                                                   },
                                                   "verify_hostnames": {
                                                      "type": "boolean"
                                                   }
                                                }
                                             },
                                             "type": {
                                                "type": "string"
                                             }
                                          }
                                       },
                                       "enabled": {
                                          "type": "boolean"
                                       }
                                    }
                                 }
                              }
                           },
                           "http": {
                              "properties": {
                                 "anonymous_auth_enabled": {
                                    "type": "boolean"
                                 },
                                 "xff": {
                                    "properties": {
                                       "enabled": {
                                          "type": "boolean"
                                       },
                                       "internalProxies": {
                                          "type": "string"
                                       },
                                       "proxiesHeader": {
                                          "type": "string"
                                       },
                                       "remoteIpHeader": {
                                          "type": "string"
                                       }
                                    }
                                 }
                              }
                           }
                        }
                     }
                  }
               }
            }
         },
         "rolesmapping": {
            "properties": {
               "sg_all_access": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_kibana4": {
                  "properties": {
                     "backendroles": {
                        "type": "string"
                     },
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_kibana4_server": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_kibana4_testindex": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_logstash": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_public": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_readall": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_readonly_dlsfls": {
                  "properties": {
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_role_klingons1": {
                  "properties": {
                     "backendroles": {
                        "type": "string"
                     },
                     "hosts": {
                        "type": "string"
                     },
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_role_starfleet": {
                  "properties": {
                     "backendroles": {
                        "type": "string"
                     },
                     "hosts": {
                        "type": "string"
                     },
                     "users": {
                        "type": "string"
                     }
                  }
               },
               "sg_role_starfleet_captains": {
                  "properties": {
                     "backendroles": {
                        "type": "string"
                     }
                  }
               }
            }
         },
         "actiongroups": {
            "properties": {
               "ALL": {
                  "type": "string"
               },
               "CLUSTER_ALL": {
                  "type": "string"
               },
               "CLUSTER_MONITOR": {
                  "type": "string"
               },
               "CREATE_INDEX": {
                  "type": "string"
               },
               "CRUD": {
                  "type": "string"
               },
               "DATA_ACCESS": {
                  "type": "string"
               },
               "DELETE": {
                  "type": "string"
               },
               "GET": {
                  "type": "string"
               },
               "INDEX": {
                  "type": "string"
               },
               "MANAGE": {
                  "type": "string"
               },
               "MANAGE_ALIASES": {
                  "type": "string"
               },
               "MONITOR": {
                  "type": "string"
               },
               "READ": {
                  "type": "string"
               },
               "SEARCH": {
                  "type": "string"
               },
               "SUGGEST": {
                  "type": "string"
               },
               "WRITE": {
                  "type": "string"
               }
            }
         }
      }
   }
}...

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa836989-3a57-4a5e-a4d2-54f50bdf9f81%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.

What magic happens there ? Can you tell me like, how can I retrieve ACL data from searchguard index. I looked into older posts, I found like there is type called ac and deals with ACL related data. But I didn’t find any type like ac on searchguard index. Can you help me out ?

···

On Wednesday, July 6, 2016 at 6:25:21 PM UTC+5:30, SG wrote:

Magic happens here: https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java

Am 06.07.2016 um 14:50 schrieb ‘Hardik Bhut’ via Search Guard search...@googlegroups.com:

Hello All,

I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it’s creating index called searchguard, but whenever I tried to look into that index I didn’t get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It’s getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it’s strong in searchguard index, then How Can I retrieve those data ?

Let me know if any one need further clarifications. Your help will be really appreciated.

Here is the mapping of searchguard index :

{

“searchguard”: {

  "mappings": {
     "internalusers": {
        "properties": {
           "admin": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "dlsflsuser": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kibanaro": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kibanaserver": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kirk": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "roles": {
                    "type": "string"
                 }
              }
           },
           "logstash": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "mister_picard": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "username": {
                    "type": "string"
                 }
              }
           },
           "readall": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "spock": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "roles": {
                    "type": "string"
                 }
              }
           },
           "test": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "worf": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "roles": {
        "properties": {
           "sg_all_access": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4": {
              "properties": {
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4_server": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4_testindex": {
              "properties": {
                 "indices": {
                    "properties": {
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "test*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_logstash": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*beat*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "logstash-*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readall": {
              "properties": {
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readonly_and_monitor": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readonly_dlsfls": {
              "properties": {
                 "indices": {
                    "properties": {
                       "/\\S*/": {
                          "properties": {
                             "*": {
                                "type": "string"
                             },
                             "_dls_": {
                                "type": "string"
                             },
                             "_fls_": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_role_starfleet": {
              "properties": {
                 "indices": {
                    "properties": {
                       "pub*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "sf": {
                          "properties": {
                             "alumni": {
                                "type": "string"
                             },
                             "public": {
                                "type": "string"
                             },
                             "ships": {
                                "type": "string"
                             },
                             "students": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_role_starfleet_captains": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "pub*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "sf": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_transport_client": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "config": {
        "properties": {
           "searchguard": {
              "properties": {
                 "dynamic": {
                    "properties": {
                       "authc": {
                          "properties": {
                             "basic_internal_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "clientcert_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "host_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "jwt_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "jwt_header": {
                                                  "type": "string"
                                               },
                                               "signing_key": {
                                                  "type": "string"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "kerberos_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "acceptor_principal": {
                                                  "type": "string"
                                               },
                                               "krb_debug": {
                                                  "type": "boolean"
                                               },
                                               "strip_realm_from_principal": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "ldap": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "config": {
                                            "properties": {
                                               "enable_ssl": {
                                                  "type": "boolean"
                                               },
                                               "enable_ssl_client_auth": {
                                                  "type": "boolean"
                                               },
                                               "enable_start_tls": {
                                                  "type": "boolean"
                                               },
                                               "hosts": {
                                                  "type": "string"
                                               },
                                               "userbase": {
                                                  "type": "string"
                                               },
                                               "usersearch": {
                                                  "type": "string"
                                               },
                                               "verify_hostnames": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "proxy_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "roles_header": {
                                                  "type": "string"
                                               },
                                               "user_header": {
                                                  "type": "string"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             }
                          }
                       },
                       "authz": {
                          "properties": {
                             "roles_from_another_ldap": {
                                "properties": {
                                   "authorization_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   }
                                }
                             },
                             "roles_from_myldap": {
                                "properties": {
                                   "authorization_backend": {
                                      "properties": {
                                         "config": {
                                            "properties": {
                                               "enable_ssl": {
                                                  "type": "boolean"
                                               },
                                               "enable_ssl_client_auth": {
                                                  "type": "boolean"
                                               },
                                               "enable_start_tls": {
                                                  "type": "boolean"
                                               },
                                               "hosts": {
                                                  "type": "string"
                                               },
                                               "resolve_nested_roles": {
                                                  "type": "boolean"
                                               },
                                               "rolebase": {
                                                  "type": "string"
                                               },
                                               "rolename": {
                                                  "type": "string"
                                               },
                                               "rolesearch": {
                                                  "type": "string"
                                               },
                                               "userbase": {
                                                  "type": "string"
                                               },
                                               "userrolename": {
                                                  "type": "string"
                                               },
                                               "usersearch": {
                                                  "type": "string"
                                               },
                                               "verify_hostnames": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   }
                                }
                             }
                          }
                       },
                       "http": {
                          "properties": {
                             "anonymous_auth_enabled": {
                                "type": "boolean"
                             },
                             "xff": {
                                "properties": {
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "internalProxies": {
                                      "type": "string"
                                   },
                                   "proxiesHeader": {
                                      "type": "string"
                                   },
                                   "remoteIpHeader": {
                                      "type": "string"
                                   }
                                }
                             }
                          }
                       }
                    }
                 }
              }
           }
        }
     },
     "rolesmapping": {
        "properties": {
           "sg_all_access": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4_server": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4_testindex": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_logstash": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_public": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_readall": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_readonly_dlsfls": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_klingons1": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "hosts": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_starfleet": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "hosts": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_starfleet_captains": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "actiongroups": {
        "properties": {
           "ALL": {
              "type": "string"
           },
           "CLUSTER_ALL": {
              "type": "string"
           },
           "CLUSTER_MONITOR": {
              "type": "string"
           },
           "CREATE_INDEX": {
              "type": "string"
           },
           "CRUD": {
              "type": "string"
           },
           "DATA_ACCESS": {
              "type": "string"
           },
           "DELETE": {
              "type": "string"
           },
           "GET": {
              "type": "string"
           },
           "INDEX": {
              "type": "string"
           },
           "MANAGE": {
              "type": "string"
           },
           "MANAGE_ALIASES": {
              "type": "string"
           },
           "MONITOR": {
              "type": "string"
           },
           "READ": {
              "type": "string"
           },
           "SEARCH": {
              "type": "string"
           },
           "SUGGEST": {
              "type": "string"
           },
           "WRITE": {
              "type": "string"
           }
        }
     }
  }

}

}…


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa836989-3a57-4a5e-a4d2-54f50bdf9f81%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Hello SG,

Thanks for your help. I really appreciate for it. I am able to retrieve data from searchguard index. I need to do changes in https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java file. I need to add one if condition inside IndexSearcher wrap function. Following is the changed function:

public final IndexSearcher wrap(final EngineConfig engineConfig, final IndexSearcher searcher) throws EngineException {

``

    if (log.isTraceEnabled()) {

        log.trace("IndexSearcher {} should be wrapped (reader is {})", searcher.getClass(), searcher.getIndexReader().getClass());

    }

    if(!shardReady) {

        return searcher;

    }

    // patch for getting data from searchguard index

    if(isSearchGuardIndexRequest()) {

        return dlsFlsWrap(engineConfig, searcher);

    }

    if (isSearchGuardIndexRequest() && !isAdminAuhtenticatedOrInternalRequest()) {

        return new IndexSearcher(new EmptyReader());

    }

    if (!isAdminAuhtenticatedOrInternalRequest()) {

        //if (settings == null || settings.getAsBoolean("searchguard.dynamic.dlsfls_enabled", true)) {

            return dlsFlsWrap(engineConfig, searcher);

        //}

    }

    return searcher;

}
···

On Wednesday, July 6, 2016 at 6:25:21 PM UTC+5:30, SG wrote:

Magic happens here: https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java

Am 06.07.2016 um 14:50 schrieb ‘Hardik Bhut’ via Search Guard search...@googlegroups.com:

Hello All,

I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it’s creating index called searchguard, but whenever I tried to look into that index I didn’t get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It’s getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it’s strong in searchguard index, then How Can I retrieve those data ?

Let me know if any one need further clarifications. Your help will be really appreciated.

Here is the mapping of searchguard index :

{

“searchguard”: {

  "mappings": {
     "internalusers": {
        "properties": {
           "admin": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "dlsflsuser": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kibanaro": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kibanaserver": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "kirk": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "roles": {
                    "type": "string"
                 }
              }
           },
           "logstash": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "mister_picard": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "username": {
                    "type": "string"
                 }
              }
           },
           "readall": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "spock": {
              "properties": {
                 "hash": {
                    "type": "string"
                 },
                 "roles": {
                    "type": "string"
                 }
              }
           },
           "test": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           },
           "worf": {
              "properties": {
                 "hash": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "roles": {
        "properties": {
           "sg_all_access": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4": {
              "properties": {
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4_server": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_kibana4_testindex": {
              "properties": {
                 "indices": {
                    "properties": {
                       "?kibana": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "test*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_logstash": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*beat*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "logstash-*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readall": {
              "properties": {
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readonly_and_monitor": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_readonly_dlsfls": {
              "properties": {
                 "indices": {
                    "properties": {
                       "/\\S*/": {
                          "properties": {
                             "*": {
                                "type": "string"
                             },
                             "_dls_": {
                                "type": "string"
                             },
                             "_fls_": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_role_starfleet": {
              "properties": {
                 "indices": {
                    "properties": {
                       "pub*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "sf": {
                          "properties": {
                             "alumni": {
                                "type": "string"
                             },
                             "public": {
                                "type": "string"
                             },
                             "ships": {
                                "type": "string"
                             },
                             "students": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_role_starfleet_captains": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 },
                 "indices": {
                    "properties": {
                       "pub*": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       },
                       "sf": {
                          "properties": {
                             "*": {
                                "type": "string"
                             }
                          }
                       }
                    }
                 }
              }
           },
           "sg_transport_client": {
              "properties": {
                 "cluster": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "config": {
        "properties": {
           "searchguard": {
              "properties": {
                 "dynamic": {
                    "properties": {
                       "authc": {
                          "properties": {
                             "basic_internal_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "clientcert_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "host_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "jwt_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "jwt_header": {
                                                  "type": "string"
                                               },
                                               "signing_key": {
                                                  "type": "string"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "kerberos_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "acceptor_principal": {
                                                  "type": "string"
                                               },
                                               "krb_debug": {
                                                  "type": "boolean"
                                               },
                                               "strip_realm_from_principal": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "ldap": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "config": {
                                            "properties": {
                                               "enable_ssl": {
                                                  "type": "boolean"
                                               },
                                               "enable_ssl_client_auth": {
                                                  "type": "boolean"
                                               },
                                               "enable_start_tls": {
                                                  "type": "boolean"
                                               },
                                               "hosts": {
                                                  "type": "string"
                                               },
                                               "userbase": {
                                                  "type": "string"
                                               },
                                               "usersearch": {
                                                  "type": "string"
                                               },
                                               "verify_hostnames": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             },
                             "proxy_auth_domain": {
                                "properties": {
                                   "authentication_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "http_authenticator": {
                                      "properties": {
                                         "challenge": {
                                            "type": "boolean"
                                         },
                                         "config": {
                                            "properties": {
                                               "roles_header": {
                                                  "type": "string"
                                               },
                                               "user_header": {
                                                  "type": "string"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "order": {
                                      "type": "long"
                                   }
                                }
                             }
                          }
                       },
                       "authz": {
                          "properties": {
                             "roles_from_another_ldap": {
                                "properties": {
                                   "authorization_backend": {
                                      "properties": {
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   }
                                }
                             },
                             "roles_from_myldap": {
                                "properties": {
                                   "authorization_backend": {
                                      "properties": {
                                         "config": {
                                            "properties": {
                                               "enable_ssl": {
                                                  "type": "boolean"
                                               },
                                               "enable_ssl_client_auth": {
                                                  "type": "boolean"
                                               },
                                               "enable_start_tls": {
                                                  "type": "boolean"
                                               },
                                               "hosts": {
                                                  "type": "string"
                                               },
                                               "resolve_nested_roles": {
                                                  "type": "boolean"
                                               },
                                               "rolebase": {
                                                  "type": "string"
                                               },
                                               "rolename": {
                                                  "type": "string"
                                               },
                                               "rolesearch": {
                                                  "type": "string"
                                               },
                                               "userbase": {
                                                  "type": "string"
                                               },
                                               "userrolename": {
                                                  "type": "string"
                                               },
                                               "usersearch": {
                                                  "type": "string"
                                               },
                                               "verify_hostnames": {
                                                  "type": "boolean"
                                               }
                                            }
                                         },
                                         "type": {
                                            "type": "string"
                                         }
                                      }
                                   },
                                   "enabled": {
                                      "type": "boolean"
                                   }
                                }
                             }
                          }
                       },
                       "http": {
                          "properties": {
                             "anonymous_auth_enabled": {
                                "type": "boolean"
                             },
                             "xff": {
                                "properties": {
                                   "enabled": {
                                      "type": "boolean"
                                   },
                                   "internalProxies": {
                                      "type": "string"
                                   },
                                   "proxiesHeader": {
                                      "type": "string"
                                   },
                                   "remoteIpHeader": {
                                      "type": "string"
                                   }
                                }
                             }
                          }
                       }
                    }
                 }
              }
           }
        }
     },
     "rolesmapping": {
        "properties": {
           "sg_all_access": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4_server": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_kibana4_testindex": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_logstash": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_public": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_readall": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_readonly_dlsfls": {
              "properties": {
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_klingons1": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "hosts": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_starfleet": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 },
                 "hosts": {
                    "type": "string"
                 },
                 "users": {
                    "type": "string"
                 }
              }
           },
           "sg_role_starfleet_captains": {
              "properties": {
                 "backendroles": {
                    "type": "string"
                 }
              }
           }
        }
     },
     "actiongroups": {
        "properties": {
           "ALL": {
              "type": "string"
           },
           "CLUSTER_ALL": {
              "type": "string"
           },
           "CLUSTER_MONITOR": {
              "type": "string"
           },
           "CREATE_INDEX": {
              "type": "string"
           },
           "CRUD": {
              "type": "string"
           },
           "DATA_ACCESS": {
              "type": "string"
           },
           "DELETE": {
              "type": "string"
           },
           "GET": {
              "type": "string"
           },
           "INDEX": {
              "type": "string"
           },
           "MANAGE": {
              "type": "string"
           },
           "MANAGE_ALIASES": {
              "type": "string"
           },
           "MONITOR": {
              "type": "string"
           },
           "READ": {
              "type": "string"
           },
           "SEARCH": {
              "type": "string"
           },
           "SUGGEST": {
              "type": "string"
           },
           "WRITE": {
              "type": "string"
           }
        }
     }
  }

}

}…


You received this message because you are subscribed to the Google Groups “Search Guard” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa836989-3a57-4a5e-a4d2-54f50bdf9f81%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Can you explain WHY you need to retrieve the data stored in the searchguard index in that way? I do not recommend your approach because it breaks security.
Use sgadmin to update and retrieve searchguard index content.

···

Am 08.07.2016 um 14:55 schrieb 'Hardik Bhut' via Search Guard <search-guard@googlegroups.com>:

Hello SG,

Thanks for your help. I really appreciate for it. I am able to retrieve data from searchguard index. I need to do changes in https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java file. I need to add one if condition inside IndexSearcher wrap function. Following is the changed function:
public final IndexSearcher wrap(final EngineConfig engineConfig, final IndexSearcher searcher) throws EngineException {

        if (log.isTraceEnabled()) {
            log.trace("IndexSearcher {} should be wrapped (reader is {})", searcher.getClass(), searcher.getIndexReader().getClass());
        }

        if(!shardReady) {
            return searcher;
        }
        // patch for getting data from searchguard index
        if(isSearchGuardIndexRequest()) {
            return dlsFlsWrap(engineConfig, searcher);
        }
        if (isSearchGuardIndexRequest() && !isAdminAuhtenticatedOrInternalRequest()) {
            return new IndexSearcher(new EmptyReader());
        }

        if (!isAdminAuhtenticatedOrInternalRequest()) {

            //if (settings == null || settings.getAsBoolean("searchguard.dynamic.dlsfls_enabled", true)) {
                return dlsFlsWrap(engineConfig, searcher);
            //}
        }

        return searcher;
    }

On Wednesday, July 6, 2016 at 6:25:21 PM UTC+5:30, SG wrote:
Magic happens here: https://github.com/floragunncom/search-guard/blob/master/src/main/java/com/floragunn/searchguard/configuration/SearchGuardIndexSearcherWrapper.java

> Am 06.07.2016 um 14:50 schrieb 'Hardik Bhut' via Search Guard <search...@googlegroups.com>:
>
> Hello All,
>
> I just want to figure out like how the searchguard is internally storing the user,roles, and rolesmapping data? I think it's creating index called searchguard, but whenever I tried to look into that index I didn't get any data. When I looked into searchguard index mapping I found like, Whenever we are creating any user or role(via running sgadmin utility), It's getting updated in mapping. But I really want to know about, where the data is stored inside elasticsearch. IF it's strong in searchguard index, then How Can I retrieve those data ?
>
> Let me know if any one need further clarifications. Your help will be really appreciated.
>
> Here is the mapping of searchguard index :
> {
> "searchguard": {
> "mappings": {
> "internalusers": {
> "properties": {
> "admin": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "dlsflsuser": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "kibanaro": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "kibanaserver": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "kirk": {
> "properties": {
> "hash": {
> "type": "string"
> },
> "roles": {
> "type": "string"
> }
> }
> },
> "logstash": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "mister_picard": {
> "properties": {
> "hash": {
> "type": "string"
> },
> "username": {
> "type": "string"
> }
> }
> },
> "readall": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "spock": {
> "properties": {
> "hash": {
> "type": "string"
> },
> "roles": {
> "type": "string"
> }
> }
> },
> "test": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> },
> "worf": {
> "properties": {
> "hash": {
> "type": "string"
> }
> }
> }
> }
> },
> "roles": {
> "properties": {
> "sg_all_access": {
> "properties": {
> "cluster": {
> "type": "string"
> },
> "indices": {
> "properties": {
> "*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_kibana4": {
> "properties": {
> "indices": {
> "properties": {
> "*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> },
> "?kibana": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_kibana4_server": {
> "properties": {
> "cluster": {
> "type": "string"
> },
> "indices": {
> "properties": {
> "?kibana": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_kibana4_testindex": {
> "properties": {
> "indices": {
> "properties": {
> "?kibana": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> },
> "test*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_logstash": {
> "properties": {
> "cluster": {
> "type": "string"
> },
> "indices": {
> "properties": {
> "*beat*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> },
> "logstash-*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_readall": {
> "properties": {
> "indices": {
> "properties": {
> "*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_readonly_and_monitor": {
> "properties": {
> "cluster": {
> "type": "string"
> },
> "indices": {
> "properties": {
> "*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_readonly_dlsfls": {
> "properties": {
> "indices": {
> "properties": {
> "/\\S*/": {
> "properties": {
> "*": {
> "type": "string"
> },
> "_dls_": {
> "type": "string"
> },
> "_fls_": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_role_starfleet": {
> "properties": {
> "indices": {
> "properties": {
> "pub*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> },
> "sf": {
> "properties": {
> "alumni": {
> "type": "string"
> },
> "public": {
> "type": "string"
> },
> "ships": {
> "type": "string"
> },
> "students": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_role_starfleet_captains": {
> "properties": {
> "cluster": {
> "type": "string"
> },
> "indices": {
> "properties": {
> "pub*": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> },
> "sf": {
> "properties": {
> "*": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> },
> "sg_transport_client": {
> "properties": {
> "cluster": {
> "type": "string"
> }
> }
> }
> }
> },
> "config": {
> "properties": {
> "searchguard": {
> "properties": {
> "dynamic": {
> "properties": {
> "authc": {
> "properties": {
> "basic_internal_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "clientcert_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "host_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "jwt_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "config": {
> "properties": {
> "jwt_header": {
> "type": "string"
> },
> "signing_key": {
> "type": "string"
> }
> }
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "kerberos_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "config": {
> "properties": {
> "acceptor_principal": {
> "type": "string"
> },
> "krb_debug": {
> "type": "boolean"
> },
> "strip_realm_from_principal": {
> "type": "boolean"
> }
> }
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "ldap": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "config": {
> "properties": {
> "enable_ssl": {
> "type": "boolean"
> },
> "enable_ssl_client_auth": {
> "type": "boolean"
> },
> "enable_start_tls": {
> "type": "boolean"
> },
> "hosts": {
> "type": "string"
> },
> "userbase": {
> "type": "string"
> },
> "usersearch": {
> "type": "string"
> },
> "verify_hostnames": {
> "type": "boolean"
> }
> }
> },
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> },
> "proxy_auth_domain": {
> "properties": {
> "authentication_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> },
> "http_authenticator": {
> "properties": {
> "challenge": {
> "type": "boolean"
> },
> "config": {
> "properties": {
> "roles_header": {
> "type": "string"
> },
> "user_header": {
> "type": "string"
> }
> }
> },
> "type": {
> "type": "string"
> }
> }
> },
> "order": {
> "type": "long"
> }
> }
> }
> }
> },
> "authz": {
> "properties": {
> "roles_from_another_ldap": {
> "properties": {
> "authorization_backend": {
> "properties": {
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> }
> }
> },
> "roles_from_myldap": {
> "properties": {
> "authorization_backend": {
> "properties": {
> "config": {
> "properties": {
> "enable_ssl": {
> "type": "boolean"
> },
> "enable_ssl_client_auth": {
> "type": "boolean"
> },
> "enable_start_tls": {
> "type": "boolean"
> },
> "hosts": {
> "type": "string"
> },
> "resolve_nested_roles": {
> "type": "boolean"
> },
> "rolebase": {
> "type": "string"
> },
> "rolename": {
> "type": "string"
> },
> "rolesearch": {
> "type": "string"
> },
> "userbase": {
> "type": "string"
> },
> "userrolename": {
> "type": "string"
> },
> "usersearch": {
> "type": "string"
> },
> "verify_hostnames": {
> "type": "boolean"
> }
> }
> },
> "type": {
> "type": "string"
> }
> }
> },
> "enabled": {
> "type": "boolean"
> }
> }
> }
> }
> },
> "http": {
> "properties": {
> "anonymous_auth_enabled": {
> "type": "boolean"
> },
> "xff": {
> "properties": {
> "enabled": {
> "type": "boolean"
> },
> "internalProxies": {
> "type": "string"
> },
> "proxiesHeader": {
> "type": "string"
> },
> "remoteIpHeader": {
> "type": "string"
> }
> }
> }
> }
> }
> }
> }
> }
> }
> }
> },
> "rolesmapping": {
> "properties": {
> "sg_all_access": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_kibana4": {
> "properties": {
> "backendroles": {
> "type": "string"
> },
> "users": {
> "type": "string"
> }
> }
> },
> "sg_kibana4_server": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_kibana4_testindex": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_logstash": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_public": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_readall": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_readonly_dlsfls": {
> "properties": {
> "users": {
> "type": "string"
> }
> }
> },
> "sg_role_klingons1": {
> "properties": {
> "backendroles": {
> "type": "string"
> },
> "hosts": {
> "type": "string"
> },
> "users": {
> "type": "string"
> }
> }
> },
> "sg_role_starfleet": {
> "properties": {
> "backendroles": {
> "type": "string"
> },
> "hosts": {
> "type": "string"
> },
> "users": {
> "type": "string"
> }
> }
> },
> "sg_role_starfleet_captains": {
> "properties": {
> "backendroles": {
> "type": "string"
> }
> }
> }
> }
> },
> "actiongroups": {
> "properties": {
> "ALL": {
> "type": "string"
> },
> "CLUSTER_ALL": {
> "type": "string"
> },
> "CLUSTER_MONITOR": {
> "type": "string"
> },
> "CREATE_INDEX": {
> "type": "string"
> },
> "CRUD": {
> "type": "string"
> },
> "DATA_ACCESS": {
> "type": "string"
> },
> "DELETE": {
> "type": "string"
> },
> "GET": {
> "type": "string"
> },
> "INDEX": {
> "type": "string"
> },
> "MANAGE": {
> "type": "string"
> },
> "MANAGE_ALIASES": {
> "type": "string"
> },
> "MONITOR": {
> "type": "string"
> },
> "READ": {
> "type": "string"
> },
> "SEARCH": {
> "type": "string"
> },
> "SUGGEST": {
> "type": "string"
> },
> "WRITE": {
> "type": "string"
> }
> }
> }
> }
> }
> }...
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/aa836989-3a57-4a5e-a4d2-54f50bdf9f81%40googlegroups.com\.
> For more options, visit https://groups.google.com/d/optout\.

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/1d500dfd-f74f-4219-bdc4-7a495b3461ac%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.