elastic
diff --git a/‎docs/docset.yml
Lines changed: 491 additions & 0 deletions b/‎docs/docset.yml
Lines changed: 491 additions & 0 deletions
diff --git a/‎docs/images/create-api-key.png
78.7 KB b/‎docs/images/create-api-key.png
78.7 KB
diff --git a/‎docs/images/es-endpoint.jpg
361 KB b/‎docs/images/es-endpoint.jpg
361 KB
diff --git a/‎docs/images/otel-waterfall-instrumented-without-http.jpg
134 KB b/‎docs/images/otel-waterfall-instrumented-without-http.jpg
134 KB
diff --git a/‎docs/images/otel-waterfall-instrumented.jpg
185 KB b/‎docs/images/otel-waterfall-instrumented.jpg
185 KB
diff --git a/‎docs/images/otel-waterfall-retries.jpg
131 KB b/‎docs/images/otel-waterfall-retries.jpg
131 KB
diff --git a/‎docs/reference/_basic_authentication.md
Lines changed: 51 additions & 0 deletions b/‎docs/reference/_basic_authentication.md
Lines changed: 51 additions & 0 deletions
diff --git a/‎docs/reference/_encrypted_communication.md
Lines changed: 95 additions & 0 deletions b/‎docs/reference/_encrypted_communication.md
Lines changed: 95 additions & 0 deletions
diff --git a/‎docs/reference/_license.md
Lines changed: 16 additions & 0 deletions b/‎docs/reference/_license.md
Lines changed: 16 additions & 0 deletions
diff --git a/‎docs/reference/_maven_repository.md
Lines changed: 35 additions & 0 deletions b/‎docs/reference/_maven_repository.md
Lines changed: 35 additions & 0 deletions
@@ -0,0 +1,51 @@
+---
+mapped_pages:
+  - https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/_basic_authentication.html
+---
+
+# Basic authentication [_basic_authentication]
+
+Configuring basic authentication can be done by providing an `HttpClientConfigCallback` while building the `RestClient` through its builder. The interface has one method that receives an instance of [`org.apache.http.impl.nio.client.HttpAsyncClientBuilder`](https://hc.apache.org/httpcomponents-asyncclient-4.1.x/current/httpasyncclient/apidocs/org/apache/http/impl/nio/client/HttpAsyncClientBuilder.md) as an argument and has the same return type. The http client builder can be modified and then returned. In the following example we set a default credentials provider that requires basic authentication.
+
+```java
+final CredentialsProvider credentialsProvider =
+    new BasicCredentialsProvider();
+credentialsProvider.setCredentials(AuthScope.ANY,
+    new UsernamePasswordCredentials("user", "test-user-password"));
+
+RestClientBuilder builder = RestClient.builder(
+    new HttpHost("localhost", 9200))
+    .setHttpClientConfigCallback(new HttpClientConfigCallback() {
+        @Override
+        public HttpAsyncClientBuilder customizeHttpClient(
+                HttpAsyncClientBuilder httpClientBuilder) {
+            return httpClientBuilder
+                .setDefaultCredentialsProvider(credentialsProvider);
+        }
+    });
+```
+
+Preemptive Authentication can be disabled, which means that every request will be sent without authorization headers to see if it is accepted and, upon receiving an HTTP 401 response, it will resend the exact same request with the basic authentication header. If you wish to do this, then you can do so by disabling it via the `HttpAsyncClientBuilder`:
+
+```java
+final CredentialsProvider credentialsProvider =
+    new BasicCredentialsProvider();
+credentialsProvider.setCredentials(AuthScope.ANY,
+    new UsernamePasswordCredentials("user", "test-user-password"));
+
+RestClientBuilder builder = RestClient.builder(
+    new HttpHost("localhost", 9200))
+    .setHttpClientConfigCallback(new HttpClientConfigCallback() {
+        @Override
+        public HttpAsyncClientBuilder customizeHttpClient(
+                HttpAsyncClientBuilder httpClientBuilder) {
+            httpClientBuilder.disableAuthCaching(); <1>
+            return httpClientBuilder
+                .setDefaultCredentialsProvider(credentialsProvider);
+        }
+    });
+```
+
+1. Disable preemptive authentication
+
+
@@ -0,0 +1,95 @@
+---
+mapped_pages:
+  - https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/_encrypted_communication.html
+---
+
+# Encrypted communication [_encrypted_communication]
+
+Encrypted communication using TLS can also be configured through the `HttpClientConfigCallback`. The [`org.apache.http.impl.nio.client.HttpAsyncClientBuilder`](https://hc.apache.org/httpcomponents-asyncclient-4.1.x/current/httpasyncclient/apidocs/org/apache/http/impl/nio/client/HttpAsyncClientBuilder.md) received as an argument exposes multiple methods to configure encrypted communication: `setSSLContext`, `setSSLSessionStrategy` and `setConnectionManager`, in order of precedence from the least important.
+
+When accessing an Elasticsearch cluster that is setup for TLS on the HTTP layer, the client needs to trust the certificate that Elasticsearch is using. The following is an example of setting up the client to trust the CA that has signed the certificate that Elasticsearch is using, when that CA certificate is available in a PKCS#12 keystore:
+
+```java
+Path trustStorePath = Paths.get("/path/to/truststore.p12");
+KeyStore truststore = KeyStore.getInstance("pkcs12");
+try (InputStream is = Files.newInputStream(trustStorePath)) {
+    truststore.load(is, keyStorePass.toCharArray());
+}
+SSLContextBuilder sslBuilder = SSLContexts.custom()
+    .loadTrustMaterial(truststore, null);
+final SSLContext sslContext = sslBuilder.build();
+RestClientBuilder builder = RestClient.builder(
+    new HttpHost("localhost", 9200, "https"))
+    .setHttpClientConfigCallback(new HttpClientConfigCallback() {
+        @Override
+        public HttpAsyncClientBuilder customizeHttpClient(
+                HttpAsyncClientBuilder httpClientBuilder) {
+            return httpClientBuilder.setSSLContext(sslContext);
+        }
+    });
+```
+
+The following is an example of setting up the client to trust the CA that has signed the certificate that Elasticsearch is using, when that CA certificate is available as a PEM encoded file.
+
+```java
+Path caCertificatePath = Paths.get("/path/to/ca.crt");
+CertificateFactory factory =
+    CertificateFactory.getInstance("X.509");
+Certificate trustedCa;
+try (InputStream is = Files.newInputStream(caCertificatePath)) {
+    trustedCa = factory.generateCertificate(is);
+}
+KeyStore trustStore = KeyStore.getInstance("pkcs12");
+trustStore.load(null, null);
+trustStore.setCertificateEntry("ca", trustedCa);
+SSLContextBuilder sslContextBuilder = SSLContexts.custom()
+    .loadTrustMaterial(trustStore, null);
+final SSLContext sslContext = sslContextBuilder.build();
+RestClient.builder(
+    new HttpHost("localhost", 9200, "https"))
+    .setHttpClientConfigCallback(new HttpClientConfigCallback() {
+        @Override
+        public HttpAsyncClientBuilder customizeHttpClient(
+            HttpAsyncClientBuilder httpClientBuilder) {
+            return httpClientBuilder.setSSLContext(sslContext);
+        }
+    });
+```
+
+When Elasticsearch is configured to require client TLS authentication, for example when a PKI realm is configured, the client needs to provide a client certificate during the TLS handshake in order to authenticate. The following is an example of setting up the client for TLS authentication with a certificate and a private key that are stored in a PKCS#12 keystore.
+
+```java
+Path trustStorePath = Paths.get("/path/to/your/truststore.p12");
+Path keyStorePath = Paths.get("/path/to/your/keystore.p12");
+KeyStore trustStore = KeyStore.getInstance("pkcs12");
+KeyStore keyStore = KeyStore.getInstance("pkcs12");
+try (InputStream is = Files.newInputStream(trustStorePath)) {
+    trustStore.load(is, trustStorePass.toCharArray());
+}
+try (InputStream is = Files.newInputStream(keyStorePath)) {
+    keyStore.load(is, keyStorePass.toCharArray());
+}
+SSLContextBuilder sslBuilder = SSLContexts.custom()
+    .loadTrustMaterial(trustStore, null)
+    .loadKeyMaterial(keyStore, keyStorePass.toCharArray());
+final SSLContext sslContext = sslBuilder.build();
+RestClientBuilder builder = RestClient.builder(
+    new HttpHost("localhost", 9200, "https"))
+    .setHttpClientConfigCallback(new HttpClientConfigCallback() {
+        @Override
+        public HttpAsyncClientBuilder customizeHttpClient(
+            HttpAsyncClientBuilder httpClientBuilder) {
+            return httpClientBuilder.setSSLContext(sslContext);
+        }
+    });
+```
+
+If the client certificate and key are not available in a keystore but rather as PEM encoded files, you cannot use them directly to build an SSLContext. You must rely on external libraries to parse the PEM key into a PrivateKey instance. Alternatively, you can use external tools to build a keystore from your PEM files, as shown in the following example:
+
+```
+openssl pkcs12 -export -in client.crt -inkey private_key.pem \
+        -name "client" -out client.p12
+```
+
+If no explicit configuration is provided, the [system default configuration](https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.md#CustomizingStores) will be used.
+
@@ -0,0 +1,16 @@
+---
+mapped_pages:
+  - https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/_license.html
+---
+
+# License [_license]
+
+Copyright 2013-2019 Elasticsearch
+
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
+
+```
+http://www.apache.org/licenses/LICENSE-2.0
+```
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
+
@@ -0,0 +1,35 @@
+---
+mapped_pages:
+  - https://www.elastic.co/guide/en/elasticsearch/client/java-api-client/current/_maven_repository.html
+---
+
+# Maven Repository [_maven_repository]
+
+The REST client sniffer is subject to the same release cycle as Elasticsearch. Replace the version with the desired sniffer version, first released with `5.0.0-alpha4`. There is no relation between the sniffer version and the Elasticsearch version that the client can communicate with. Sniffer supports fetching the nodes list from Elasticsearch 2.x and onwards.
+
+If you are looking for a SNAPSHOT version, the Elastic Maven Snapshot repository is available at [https://snapshots.elastic.co/maven/](https://snapshots.elastic.co/maven/).
+
+## Maven configuration [_maven_configuration]
+
+Here is how you can configure the dependency using maven as a dependency manager. Add the following to your `pom.xml` file:
+
+```xml
+<dependency>
+    <groupId>org.elasticsearch.client</groupId>
+    <artifactId>elasticsearch-rest-client-sniffer</artifactId>
+    <version>9.0.0-beta1</version>
+</dependency>
+```
+
+
+## Gradle configuration [_gradle_configuration]
+
+Here is how you can configure the dependency using gradle as a dependency manager. Add the following to your `build.gradle` file:
+
+```groovy
+dependencies {
+    compile 'org.elasticsearch.client:elasticsearch-rest-client-sniffer:9.0.0-beta1'
+}
+```
+
+