rename setting and update docs

Author: danhermann

docs/reference/settings/monitoring-settings.asciidoc

@@ -198,16 +198,16 @@ xpack.monitoring.exporters:
 
 `auth.username`::
 
-The username is required if a `auth.password` is supplied.
+The username is required if `auth.secure_password` or `auth.password` is supplied.
 
-`secure_auth.password` ({ref}/secure-settings.html[Secure], {ref}/secure-settings.html#reloadable-secure-settings[reloadable])::
+`auth.secure_password` ({ref}/secure-settings.html[Secure], {ref}/secure-settings.html#reloadable-secure-settings[reloadable])::
 
-The password for the `auth.username`. May not be specified with `auth.password`.
+The password for the `auth.username`. Takes precedence over `auth.password` if it is also specified.
 
 `auth.password`::
 
-The password for the `auth.username`. May not be specified with `secure_auth.password`. This setting is deprecated[7.6.0, Use
-`secure_auth.password` instead.].
+The password for the `auth.username`. This setting is ignored if `auth.secure_password` is also specified. This setting is
+deprecated[7.7.0, Use `auth.secure_password` instead.].
 
 `connection.timeout`::
 

x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporter.java

@@ -220,7 +220,7 @@ public void validate(final String username, final Map<Setting<?>, Object> settin
                                 }
 
                                 // it would be ideal to validate that just one of either AUTH_PASSWORD_SETTING or
-                                // SECURE_AUTH_PASSWORD_SETTING were present here, but that is not currently possible with the settings
+                                // AUTH_SECURE_PASSWORD_SETTING were present here, but that is not currently possible with the settings
                                 // validation framework.
                                 // https://github.com/elastic/elasticsearch/issues/51332
                             }
@@ -290,10 +290,10 @@ public Iterator<Setting<?>> settings() {
     /**
      * Secure password for basic auth.
      */
-    public static final Setting.AffixSetting<SecureString> SECURE_AUTH_PASSWORD_SETTING =
+    public static final Setting.AffixSetting<SecureString> AUTH_SECURE_PASSWORD_SETTING =
         Setting.affixKeySetting(
             "xpack.monitoring.exporters.",
-            "secure_auth_password",
+            "auth.secure_password",
             key -> SecureSetting.secureString(key, null),
             TYPE_DEPENDENCY);
     /**
@@ -707,8 +707,8 @@ private static void configureTimeouts(final RestClientBuilder builder, final Con
      */
     public static List<String> loadSettings(Settings settings) {
         final List<String> changedExporters = new ArrayList<>();
-        for (final String namespace : SECURE_AUTH_PASSWORD_SETTING.getNamespaces(settings)) {
-            final Setting<SecureString> s = SECURE_AUTH_PASSWORD_SETTING.getConcreteSettingForNamespace(namespace);
+        for (final String namespace : AUTH_SECURE_PASSWORD_SETTING.getNamespaces(settings)) {
+            final Setting<SecureString> s = AUTH_SECURE_PASSWORD_SETTING.getConcreteSettingForNamespace(namespace);
             final SecureString securePassword = s.get(settings);
             final SecureString existingPassword = SECURE_AUTH_PASSWORDS.put(namespace, securePassword);
             if (securePassword.equals(existingPassword) == false) {
@@ -905,7 +905,7 @@ public static List<Setting.AffixSetting<?>> getDynamicSettings() {
     }
 
     public static List<Setting.AffixSetting<?>> getSecureSettings() {
-        return List.of(SECURE_AUTH_PASSWORD_SETTING);
+        return List.of(AUTH_SECURE_PASSWORD_SETTING);
     }
 
     public static List<Setting.AffixSetting<?>> getSettings() {