src/main/java/org/opensearch/security/securityconf/MigrationException.java (4 lines): - line 40: // TODO Auto-generated constructor stub - line 45: // TODO Auto-generated constructor stub - line 50: // TODO Auto-generated constructor stub - line 55: // TODO Auto-generated constructor stub src/main/java/org/opensearch/security/tools/SecurityAdmin.java (3 lines): - line 220: //TODO mark as deprecated and replace it with "era" if "era" is mature enough - line 818: // TODO audit changes to .opendistro_security index - line 1127: //TODO add more validation rules src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java (2 lines): - line 703: //TODO close odshst - line 1052: //TODO check if this could be removed src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java (2 lines): - line 370: allIndices.add("*"); //TODO: maybe replace allIndices instead of add? - line 376: allIndices.add("*"); //TODO: maybe replace allIndices instead of add? src/main/java/org/opensearch/security/dlic/rest/api/RestApiPrivilegesEvaluator.java (2 lines): - line 47: // TODO: Make Singleton? - line 210: * TODO: log failed attempt in audit log src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java (2 lines): - line 391: //TODO exclude Security index - line 674: //TODO add queries as dls queries (works only if dls module is installed) src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java (1 line): - line 182: //TODO check initialize native netty open ssl libs still neccessary src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java (1 line): - line 628: // //TODO filter out user tenants src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java (1 line): - line 47: // TODO: remove in next version src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java (1 line): - line 134: //TODO strip source src/main/java/org/opensearch/security/httpclient/HttpClient.java (1 line): - line 258: // TODO: set a timeout until we have a proper way to deal with back pressure src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java (1 line): - line 99: // TODO it might be sensible to consolidate this with the overridden method in src/main/java/org/opensearch/security/compliance/FieldReadCallback.java (1 line): - line 44: //TODO We need to deal with caching!! src/main/java/org/opensearch/security/ssl/util/SSLCertificateHelper.java (1 line): - line 41: private static boolean stripRootFromChain = true; //TODO check src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java (1 line): - line 628: //TODO filter out user tenants src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java (1 line): - line 285: //TODO OpenSearch Security exception handling, introduce authexception src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java (1 line): - line 99: // TODO allow overriding of IdP metadata? src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java (1 line): - line 340: // TODO: set a timeout until we have a proper way to deal with back pressure src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java (1 line): - line 44: // TODO: the list is outdated. It is necessary to change how meta fields are handled in the near future. src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java (1 line): - line 48: //TODO FUTURE allow only if protocol==https src/main/java/org/opensearch/security/configuration/PrivilegesInterceptorImpl.java (1 line): - line 167: // TODO handle user tenant in that way that this tenant cannot be specified as src/main/java/org/opensearch/security/support/SecurityUtils.java (1 line): - line 89: //TODO: check what to do with _all