Issue with DLS (Document Level Security)

Oers · October 27, 2022, 9:19am

Hi,

i wanted to test document level security with evaluation mode = filter-level.
So i followed the documentation Document-level security - OpenSearch documentation and add following line to my opensearch.yml:

plugins.security.dls.mode: filter-level

After node restart i get following error:

java.lang.IllegalArgumentException: unknown setting [plugins.security.dls.mode] did you mean any of [plugins.security.disabled, plugins.security.audit.type, plugins.security.ssl_only, plugins.security.cert.oid]?

Am i doing something wrong?

Thanks.

ralph · October 31, 2022, 10:30am

which version of OpenSearch are you running? this feature & config option had been introduced in 1.3.0: Add support for DLS Term Lookup Queries by jochenkressin · Pull Request #1541 · opensearch-project/security · GitHub

and why do you want to set the setting explicitly? as the documentation states it will always pick the proper mode based on whether your DLS contains a TLQ or not.

Oers · November 2, 2022, 7:55am

@ralph Thanks für feedback.

I’m using OpenSearch 2.3.0.

My intention was to test and compare the two methods and to take a closer look at the resulting filters queries.

Since the documentation says that there is the mentioned configuration key (plugins.security.dls.mode) for switching, i tried that.

Topic		Replies	Views
Document level security - filter does not work Security troubleshoot , configure	4	480	June 1, 2022
Empty document-level security statement causes filtering of results Security troubleshoot , documentation	1	321	October 27, 2023
Error when disabling security Security	2	881	April 13, 2023
Error when specify Document Level Security query in roles Security troubleshoot , upgrade	12	718	August 1, 2022
Audit log setting parameters not working Security	4	579	April 18, 2023

Issue with DLS (Document Level Security)

Related topics