Ordering of authentication sequences

Mr_Hedgehog · April 9, 2021, 6:52pm

I have a question on the ordering of authentication sequences, as I find the documentation a little unclear.

Given the setup below

Is the execution order 0, 1, 2 or 2,1,0 or is the it actual listing order as they appear in the config.yml file?

Many thanks.

aparo · April 10, 2021, 7:54am

The execution order is from lower to higher (0, 1,2).
In config.yml the value doesn’t depend of the order in which they appear, but they depends on order parameter in the authc block

 kerberos_auth_domain:
        http_enabled: false
        transport_enabled: false
        order: 6
        http_authenticator:
          type: kerberos
          challenge: true
          config:
            # If true a lot of kerberos/security related debugging output will be logged to standard out
            krb_debug: false
            # If true then the realm will be stripped from the user name
            strip_realm_from_principal: true
        authentication_backend:
          type: noop

Mr_Hedgehog · April 10, 2021, 11:59am

Many thanks for the clarification. Will.

Topic		Replies	Views
Chaining backends does not work Security discuss , troubleshoot , configure	2	327	May 24, 2022
Authentication Limitation Security	1	633	May 19, 2021
Getting spam on log : Invalid 'Authorization' header, send 401 and 'WWW-Authenticate Basic' Security	5	1845	May 20, 2021
Multiple SAML Auth options for Kibana Open Source Elasticsearch and Kibana	1	619	February 7, 2023
Authc Multiple AD Domains Equivalent Security	3	1018	April 22, 2021

Ordering of authentication sequences

Related topics