Add integration tests for Elasticsearch security features

[davemoore-]

While zentity should run seamlessly with native Elasticsearch security features and has proven to do so in practice, it would be a good idea to write automated tests for zentity operating within the constraints of those security features. The tests will provide assurance that zentity functions as designed in a secured cluster, that zentity does not somehow circumvent those security features, and that zentity properly handles security exceptions.

Features to test

• [ ] TLS between the client and the cluster and between the nodes of the cluster.
• [ ] Basic authentication with either the native realm or file realm.
• [ ] Basic role-based access control with cluster- and index-level security:
  • [ ] Setup API
  • [ ] Home API
  • [ ] Models API
  • [ ] Resolution API

[rursprung]

what about alternative security plugins like Search Guard and OpenDistro for Elasticsearch (note: the latter will not continue to support Elasticsearch and will instead be fully integrated into OpenSearch - see also #90 for that)?

[davemoore-]

@rursprung My intent is to test compatibility with security features only from the official distribution of Elasticsearch. It's possible that zentity might work with other security frameworks, but I haven't tested those and I don't have plans to test and support them officially.