Skip to content

Commit

Permalink
Deployed 779c4bb to 6.2.X with MkDocs 1.6.0 and mike 2.2.0.dev0
Browse files Browse the repository at this point in the history
  • Loading branch information
@SamuelHassine
SamuelHassine committed Jul 7, 2024
1 parent a6e0c60 commit dd0ca3e
Show file tree
Hide file tree
Showing 8 changed files with 316 additions and 132 deletions.
23 changes: 14 additions & 9 deletions 6.2.X/deployment/authentication/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5147,8 +5147,10 @@ <h3 id="saml-button">SAML (button)</h3>
</span><span id="__span-3-11"><a id="__codelineno-3-11" name="__codelineno-3-11" href="#__codelineno-3-11"></a><span class="w"> </span><span class="c1">// &quot;private_key&quot;: &quot;MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwg...&quot;,</span>
</span><span id="__span-3-12"><a id="__codelineno-3-12" name="__codelineno-3-12" href="#__codelineno-3-12"></a><span class="w"> </span><span class="nt">&quot;cert&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;MIICmzCCAYMCBgF2Qt3X1zANBgkqhkiG9w0BAQsFADARMQ8w...&quot;</span><span class="p">,</span>
</span><span id="__span-3-13"><a id="__codelineno-3-13" name="__codelineno-3-13" href="#__codelineno-3-13"></a><span class="w"> </span><span class="nt">&quot;logout_remote&quot;</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span>
</span><span id="__span-3-14"><a id="__codelineno-3-14" name="__codelineno-3-14" href="#__codelineno-3-14"></a><span class="w"> </span><span class="p">}</span>
</span><span id="__span-3-15"><a id="__codelineno-3-15" name="__codelineno-3-15" href="#__codelineno-3-15"></a><span class="p">}</span>
</span><span id="__span-3-14"><a id="__codelineno-3-14" name="__codelineno-3-14" href="#__codelineno-3-14"></a><span class="w"> </span><span class="nt">&quot;want_assertions_signed&quot;</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">,</span>
</span><span id="__span-3-15"><a id="__codelineno-3-15" name="__codelineno-3-15" href="#__codelineno-3-15"></a><span class="w"> </span><span class="nt">&quot;want_authn_response_signed&quot;</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span>
</span><span id="__span-3-16"><a id="__codelineno-3-16" name="__codelineno-3-16" href="#__codelineno-3-16"></a><span class="w"> </span><span class="p">}</span>
</span><span id="__span-3-17"><a id="__codelineno-3-17" name="__codelineno-3-17" href="#__codelineno-3-17"></a><span class="p">}</span>
</span></code></pre></div>
<p>For the SAML strategy to work:</p>
<ul>
Expand All @@ -5161,6 +5163,7 @@ <h3 id="saml-button">SAML (button)</h3>
Here is an example to extract PEM from PCKS12:
<div class="highlight"><pre><span></span><code><span id="__span-4-1"><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a>openssl<span class="w"> </span>pkcs12<span class="w"> </span>-in<span class="w"> </span>keystore.p12<span class="w"> </span>-out<span class="w"> </span>newfile.pem<span class="w"> </span>-nodes
</span></code></pre></div></p>
<p>Starting from OpenCTI 6.2 when <code>want_assertions_signed</code> and <code>want_authn_response_signed</code> SAML parameter are not present in OpenCTI configuration, the default is set to "true" by the underlaying library (passport-saml) when previously it was false by default. If you have issues after upgrade, you can try with both of them set to false.</p>
</div>
<p>Here is an example of SAML configuration using environment variables:</p>
<div class="highlight"><pre><span></span><code><span id="__span-5-1"><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__STRATEGY=SamlStrategy</span><span class="w"> </span>
Expand All @@ -5170,6 +5173,8 @@ <h3 id="saml-button">SAML (button)</h3>
</span><span id="__span-5-5"><a id="__codelineno-5-5" name="__codelineno-5-5" href="#__codelineno-5-5"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__CONFIG__SAML_CALLBACK_URL=http://opencti.mydomain.com/auth/saml/callback</span>
</span><span id="__span-5-6"><a id="__codelineno-5-6" name="__codelineno-5-6" href="#__codelineno-5-6"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__CONFIG__CERT=MIICmzCCAYMCBgF3Rt3X1zANBgkqhkiG9w0BAQsFADARMQ8w</span>
</span><span id="__span-5-7"><a id="__codelineno-5-7" name="__codelineno-5-7" href="#__codelineno-5-7"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__CONFIG__LOGOUT_REMOTE=false</span>
</span><span id="__span-5-8"><a id="__codelineno-5-8" name="__codelineno-5-8" href="#__codelineno-5-8"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__CONFIG__WANT_AUTHN_RESPONSE_SIGNED=true</span>
</span><span id="__span-5-9"><a id="__codelineno-5-9" name="__codelineno-5-9" href="#__codelineno-5-9"></a><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PROVIDERS__SAML__CONFIG__WANT_ASSERTIONS_SIGNED=true</span>
</span></code></pre></div>
<p>OpenCTI supports mapping SAML Roles/Groups on OpenCTI Groups. Here is an example:</p>
<div class="highlight"><pre><span></span><code><span id="__span-6-1"><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a><span class="nt">&quot;saml&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span>
Expand Down Expand Up @@ -5440,7 +5445,7 @@ <h3 id="ldap-then-fallback-to-local">LDAP then fallback to local</h3>
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-05-14T14:56:22+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-05-14</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-06-28T09:40:37+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-06-28</span>
</span>


Expand Down Expand Up @@ -5468,6 +5473,11 @@ <h3 id="ldap-then-fallback-to-local">LDAP then fallback to local</h3>

<nav>

<a href="https://github.com/aHenryJard" class="md-author" title="@aHenryJard">

<img src="https://avatars.githubusercontent.com/u/3634942?v=4&size=72" alt="aHenryJard">
</a>

<a href="https://github.com/SamuelHassine" class="md-author" title="@SamuelHassine">

<img src="https://avatars.githubusercontent.com/u/1334279?v=4&size=72" alt="SamuelHassine">
Expand All @@ -5483,16 +5493,11 @@ <h3 id="ldap-then-fallback-to-local">LDAP then fallback to local</h3>
<img src="https://avatars.githubusercontent.com/u/7083405?v=4&size=72" alt="yassine-ouaamou">
</a>

<a href="https://github.com/richard-julien" class="md-author" title="@richard-julien">

<img src="https://avatars.githubusercontent.com/u/285555?v=4&size=72" alt="richard-julien">
</a>




<a href="https://github.com/OpenCTI-Platform/docs/blob/main/docs/deployment/authentication.md" class="md-author md-author--more">
+3
+4
</a>


Expand Down
175 changes: 153 additions & 22 deletions 6.2.X/deployment/breaking-changes/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -775,14 +775,59 @@
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate-from-opencti-62" class="md-nav__link">
<a href="#change-to-the-observable-promote" class="md-nav__link">
<span class="md-ellipsis">

How to migrate from OpenCTI &lt; 6.2
Change to the observable "promote"

</span>
</a>

<nav class="md-nav" aria-label="Change to the observable "promote"">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate" class="md-nav__link">
<span class="md-ellipsis">

How to migrate

</span>
</a>

</li>

</ul>
</nav>

</li>

<li class="md-nav__item">
<a href="#change-to-saml-authentication" class="md-nav__link">
<span class="md-ellipsis">

Change to SAML authentication

</span>
</a>

<nav class="md-nav" aria-label="Change to SAML authentication">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate_1" class="md-nav__link">
<span class="md-ellipsis">

How to migrate

</span>
</a>

</li>

</ul>
</nav>

</li>

</ul>
Expand All @@ -803,10 +848,22 @@
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate-from-opencti-512" class="md-nav__link">
<a href="#major-changes-to-the-filtering-api" class="md-nav__link">
<span class="md-ellipsis">

How to migrate from OpenCTI &lt; 5.12
Major changes to the filtering APi

</span>
</a>

<nav class="md-nav" aria-label="Major changes to the filtering APi">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate_2" class="md-nav__link">
<span class="md-ellipsis">

How to migrate

</span>
</a>
Expand All @@ -816,6 +873,11 @@
</ul>
</nav>

</li>

</ul>
</nav>

</li>

</ul>
Expand Down Expand Up @@ -4680,10 +4742,22 @@
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate-from-opencti-62" class="md-nav__link">
<a href="#change-to-the-observable-promote" class="md-nav__link">
<span class="md-ellipsis">

How to migrate from OpenCTI &lt; 6.2
Change to the observable "promote"

</span>
</a>

<nav class="md-nav" aria-label="Change to the observable "promote"">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate" class="md-nav__link">
<span class="md-ellipsis">

How to migrate

</span>
</a>
Expand All @@ -4693,6 +4767,39 @@
</ul>
</nav>

</li>

<li class="md-nav__item">
<a href="#change-to-saml-authentication" class="md-nav__link">
<span class="md-ellipsis">

Change to SAML authentication

</span>
</a>

<nav class="md-nav" aria-label="Change to SAML authentication">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate_1" class="md-nav__link">
<span class="md-ellipsis">

How to migrate

</span>
</a>

</li>

</ul>
</nav>

</li>

</ul>
</nav>

</li>

<li class="md-nav__item">
Expand All @@ -4708,10 +4815,22 @@
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate-from-opencti-512" class="md-nav__link">
<a href="#major-changes-to-the-filtering-api" class="md-nav__link">
<span class="md-ellipsis">

Major changes to the filtering APi

</span>
</a>

<nav class="md-nav" aria-label="Major changes to the filtering APi">
<ul class="md-nav__list">

<li class="md-nav__item">
<a href="#how-to-migrate_2" class="md-nav__link">
<span class="md-ellipsis">

How to migrate from OpenCTI &lt; 5.12
How to migrate

</span>
</a>
Expand All @@ -4721,6 +4840,11 @@
</ul>
</nav>

</li>

</ul>
</nav>

</li>

</ul>
Expand Down Expand Up @@ -4830,29 +4954,36 @@ <h1 id="breaking-changes-and-migrations">Breaking changes and migrations</h1>
<p>This section lists breaking changes introduced in OpenCTI, per version starting with the latest.</p>
<p>Please follow the migration guides if you need to upgrade your platform. </p>
<h2 id="opencti-62">OpenCTI 6.2</h2>
<p>Change to the observable "promote" return value: the API now returns the created Indicator instead of the original Observable.</p>
<h3 id="change-to-the-observable-promote">Change to the observable "promote"</h3>
<p>The API calls that promote an Observable to Indicator now return the created Indicator instead of the original Observable.</p>
<p><strong>GraphQL API</strong></p>
<ul>
<li>GraphQL Mutation <code>StixCyberObservableEditMutations.promote</code> is now deprecated</li>
<li>
<p>New GraphQL Mutation <code>StixCyberObservableEditMutations.promoteToIndicator</code> introduced</p>
</li>
<li>
<p>Client-python method <code>client.stix_cyber_observable.promote_to_indicator</code> is now deprecated</p>
</li>
<li>Mutation <code>StixCyberObservableEditMutations.promote</code> is now deprecated</li>
<li>New Mutation <code>StixCyberObservableEditMutations.promoteToIndicator</code> introduced</li>
</ul>
<p><strong>Client-Python API</strong></p>
<ul>
<li>Client-python method <code>client.stix_cyber_observable.promote_to_indicator</code> is now deprecated</li>
<li>New Client-python method <code>client.stix_cyber_observable.promote_to_indicator_v2</code> introduced</li>
</ul>
<p>Change to the SAML authentication: when <code>want_assertions_signed</code> and <code>want_authn_response_signed</code> SAML parameter are not present in OpenCTI configuration, the default is set to "true" by the underlaying library (passport-saml) when previously it was false by default. If you have issues after upgrade, you can try with both of them set to false.</p>
<div class="admonition warning">
<p class="admonition-title">Discontinued Support</p>
<p>Please note that the deprecated methods will be permanently removed in OpenCTI 6.5.</p>
</div>
<h3 id="how-to-migrate-from-opencti-62">How to migrate from OpenCTI &lt; 6.2</h3>
<h4 id="how-to-migrate">How to migrate</h4>
<p>If you are using custom scripts that make use of the deprecated API methods, please update these scripts.</p>
<p>The changes are straightforward: if you are using the return value of the method, you should now expect the new Indicator instead of the Observable being promoted; adapt your code accordingly.</p>
<p>The changes are straightforward: if you are using the return value of the method, you should now expect the new Indicator
instead of the Observable being promoted; adapt your code accordingly.</p>
<h3 id="change-to-saml-authentication">Change to SAML authentication</h3>
<p>When <code>want_assertions_signed</code> and <code>want_authn_response_signed</code> SAML parameter are not present in OpenCTI configuration,
the default is now set to <code>true</code> by the underlying library (passport-saml) when previously it was <code>false</code> by default.</p>
<h4 id="how-to-migrate_1">How to migrate</h4>
<p>If you have issues after upgrade, you can try with both parameters set to <code>false</code>.</p>
<h2 id="opencti-512">OpenCTI 5.12</h2>
<p>This version introduces a major rework of the <strong>filter engine</strong> with breaking changes to the model.</p>
<h3 id="major-changes-to-the-filtering-api">Major changes to the filtering APi</h3>
<p>OpenCTI 5.12 introduces a major rework of the <strong>filter engine</strong> with breaking changes to the model.</p>
<p>A <a href="https://blog.filigran.io/introducing-advanced-filtering-possibilities-in-opencti-552147565faf">dedicated blog post</a> describes the reasons behind these changes.</p>
<h3 id="how-to-migrate-from-opencti-512">How to migrate from OpenCTI &lt; 5.12</h3>
<h4 id="how-to-migrate_2">How to migrate</h4>
<p>Please read the dedicated <a href="../../reference/filters-migration/">migration guide</a>.</p>


Expand All @@ -4876,7 +5007,7 @@ <h3 id="how-to-migrate-from-opencti-512">How to migrate from OpenCTI &lt; 5.12</
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-06-28T09:39:43+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-06-28</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-06-28T10:19:22+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-06-28</span>
</span>


Expand Down
8 changes: 7 additions & 1 deletion 6.2.X/deployment/configuration/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6028,6 +6028,12 @@ <h4 id="redis">Redis</h4>
<td style="text-align: left;">Password of the Redis Server</td>
</tr>
<tr>
<td style="text-align: left;">redis:database</td>
<td style="text-align: left;">REDIS__DATABASE</td>
<td style="text-align: left;"></td>
<td style="text-align: left;">Database of the Redis Server (only work in single mode)</td>
</tr>
<tr>
<td style="text-align: left;">redis:ca</td>
<td style="text-align: left;">REDIS__CA</td>
<td style="text-align: left;">[]</td>
Expand Down Expand Up @@ -7050,7 +7056,7 @@ <h2 id="elasticsearch_1">ElasticSearch</h2>
<span class="md-icon" title="Last update">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1-2.1-2M12.5 7v5.2l4 2.4-1 1L11 13V7h1.5M11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2v1.8Z"/></svg>
</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-05-28T23:25:02+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-05-28</span>
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-07-07T08:19:33+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-07-07</span>
</span>


Expand Down
2 changes: 1 addition & 1 deletion 6.2.X/search/search_index.json
View file

Large diffs are not rendered by default.

Loading

0 comments on commit dd0ca3e

Please sign in to comment.