R/realms: A place for discussing Minecraft Realms and submitting your Java maps for publishing consideration. MAP SUBMISSIONS CURRENTLY CLOSED! Share Your Minecraft Realms! 338 emeralds. 8,291 replies. 412,895 views Yuki started 12:06 pm history User3545856G replied 1:34 am This is the place to share your realms servers.
The Elastic Stack security features authenticate users by using realms and one or moretoken-based authentication services.
Realms Plus
A realm is used to resolve and authenticate users based on authenticationtokens. The security features provide the following built-in realms:
- native
- An internal realm where users are stored in a dedicated Elasticsearch index.This realm supports an authentication token in the form of username and password,and is available by default when no realms are explicitly configured. The usersare managed via the user management APIs.See Native user authentication.
- ldap
- A realm that uses an external LDAP server to authenticate theusers. This realm supports an authentication token in the form of username andpassword, and requires explicit configuration in order to be used. SeeLDAP user authentication.
- active_directory
- A realm that uses an external Active Directory Server to authenticate theusers. With this realm, users are authenticated by usernames and passwords.See Active Directory user authentication.
- pki
- A realm that authenticates users using Public Key Infrastructure (PKI). Thisrealm works in conjunction with SSL/TLS and identifies the users through theDistinguished Name (DN) of the client’s X.509 certificates. See PKI user authentication.
- file
- An internal realm where users are defined in files stored on each node in theElasticsearch cluster. This realm supports an authentication token in the formof username and password and is always available. See File-based user authentication.
- saml
- A realm that facilitates authentication using the SAML 2.0 Web SSO protocol.This realm is designed to support authentication through Kibana and is notintended for use in the REST API. See SAML authentication.
- kerberos
- A realm that authenticates a user using Kerberos authentication. Users areauthenticated on the basis of Kerberos tickets. See Kerberos authentication.
- oidc
- A realm that facilitates authentication using OpenID Connect. It enables Elasticsearch toserve as an OpenID Connect Relying Party (RP) and provide single sign-on (SSO)support in Kibana. See Configure OpenID Connect.
The Elastic Stack security features also support custom realms. If you need tointegrate with another authentication system, you can build a custom realmplugin. For more information, seeIntegrating with other authentication systems.
Realm types can roughly be classified in two categories:
- Internal
- Realms that are internal to Elasticsearch and don’t require anycommunication with external parties. They are fully managed by Elastic Stacksecurity features. There can only be a maximum of one configured realm perinternal realm type. The security features provide two internal realm types:
native
andfile
. - External
- Realms that require interaction with parties/components external toElasticsearch, typically, with enterprise grade identity management systems. Unlikeinternal realms, there can be as many external realms as one would like - eachwith its own unique name and configuration. The Elastic Stack security featuresprovide the following external realm types:
ldap
,active_directory
,saml
,kerberos
, andpki
.