Change List

• Several bug fixes including a fix to ensure that Disk-based Shard Allocation works properly with Shield

new features

• LDAP:

  • Add the ability to bind as a specific user for LDAP searches, which removes the need to specify user_dn_templates. This mode of operation also makes use of connection pooling for better performance. Please see ldap user search for more information.
  • User distinguished names (DNs) can now be used for role mapping.

• Authentication:

  • Anonymous access is now supported (disabled by default).

• IP Filtering:

  • IP Filtering settings can now be dynamically updated using the Cluster Update Settings API.

enhancements

• Significant memory footprint reduction of internal data structures
• Test if SSL/TLS ciphers are supported and warn if any of the specified ciphers are not supported
• Reduce the amount of logging when a non-encrypted connection is opened and https is being used
• Added the kibana4_server role, which is a role that contains the minimum set of permissions required for the Kibana 4 server.
• In-memory user credential caching hash algorithm defaults now to salted SHA-256 (see Cache hash algorithms

bug fixes

• Filter out sensitive settings from the settings APIs

• Filter out sensitive settings from the settings APIs
• Significant memory footprint reduction of internal data structures

• Fixed dependency issues with Elasticsearch 1.4.3 and (Lucene 4.10.3 that comes with it)
• Fixed bug in how user roles were handled. When multiple roles were defined for a user, and one of the roles only had cluster permissions, not all privileges were properly evaluated.
• Updated kibana4 permissions to be compatible with Kibana 4 RC1
• Ensure the mandatory base_dn settings is set in the ldap realm configuration