The easiest way to manage and authenticate users is with the internal native
realm.
The native realm is available by default when no other realms are
configured. If other realm settings have been configured in elasticsearch.yml
,
you must add the native realm to the realm chain.
You can configure a native
realm in the xpack.security.authc.realms.native
namespace in elasticsearch.yml
.
Explicitly configuring a native realm enables you to set the order in which it
appears in the realm chain, temporarily disable the realm, and control its
cache options.
Add a realm configuration to elasticsearch.yml
under the
xpack.security.authc.realms.native
namespace. It is recommended that you
explicitly set the order
attribute for the realm.
See Native realm settings for all of the options you can set for the native
realm.
For example, the following snippet shows a native
realm configuration that
sets the order
to zero so the realm is checked first:
xpack: security: authc: realms: native: native1: order: 0
To limit exposure to credential theft and mitigate credential compromise,
the native realm stores passwords and caches user credentials according to
security best practices. By default, a hashed version of user credentials
is stored in memory, using a salted sha-256
hash algorithm and a hashed
version of passwords is stored on disk salted and hashed with the bcrypt
hash algorithm. To use different hash algorithms, see User cache and password hash algorithms.