Two questions

[djtecha]

1) if you use the proxy pass method does it only consider the sg_roles.yml declaration? I see the x-proxy-user come though, and obviously the x-proxy-roles are null values as nginx isn't passing those. But I would have thought the sg_role_mapping file would match on my x-proxy-user name and properly add that user to the role mapped in that file. But this is just not happening.

2) Do users added to the sg_internal_users.yml file need to have a password? Can we create a user without a password and get them to be checked via the basic_internal_auth_domain? Seems like the user is just silently ignored if I don't have a hash value defined.

[SG]

> Am 27.06.2016 um 20:47 schrieb djtecha <djt...@gmail.com>:
>
> 1) if you use the proxy pass method does it only consider the sg_roles.yml declaration? I see the x-proxy-user come though, and obviously the x-proxy-roles are null values as nginx isn't passing those. But I would have thought the sg_role_mapping file would match on my x-proxy-user name and properly add that user to the role mapped in that file. But this is just not happening.
>

This was a bug and fixed with https://github.com/floragunncom/search-guard/issues/150

> 2) Do users added to the sg_internal_users.yml file need to have a password? Can we create a user without a password and get them to be checked via the basic_internal_auth_domain? Seems like the user is just silently ignored if I don't have a hash value defined.

empty or null passwords are not supported (this should throw an exception)

>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/42f8579f-f6dd-4089-a88f-bfe39b5d7bbc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.