Auth plugin not prompting for authentication


(Tim Dunphy) #1

Hey all,

I need a free alternative for shield for my personal cluster. We use shield at work, but for my own project I need something free and open source.

So I tried the ES auth plugin:

ES Auth

I installed the auth plugin with this line on each node in the cluster:

plugin --install org.codelibs/elasticsearch-auth/1.4.0

And made sure to restart the entire cluster.

And I tried setting up an admin user with the following curl:

 curl -XPUT 'http://es1.example.com:9200/_auth/account' -d "{
     \"authenticator\" : \"index\",
         \"username\" : \"admin\",
             \"password\" : \"secret\",
                 \"roles\" : [\"user\", \"admin\"]
                 }"

And I tried to secure the contents of the indexes with this curl:

curl -XPOST 'http://es1.example.com:9200/security/constraint/' -d "{
    \"authenticator\" : \"index\",
            \"methods\" : [\"get\", \"post\"],
                \"roles\" : [\"admin\"]
                }"

However when I try to curl the cluster with no auth I still don't get a prompt:

[root@logs:~] #curl -XGET http://localhost:9200/logstash-2015.07.18
{"logstash-2015.07.18":{"aliases":{},"mappings":{"_default_":{"dynamic_templates":[{"message_field":{"mapping":{"index":"analyzed","omit_norms":true,"type":"string"},"match":"message","match_mapping_type":"string"}},{"string_fields":{"mapping":{"index":"analyzed","omit_norms":true,"type":"string","fields":{"raw":"settings":{"index":{"refresh_interval":"5s","creation_date":"1439760347713","number_of_shards":"5","uuid":"8U5pz9Os

Does anyone out there know enough about this plugin to understand where I'm going wrong? I'd appreciate some help with this.

Thanks


(Tin Le) #2

What version of ES are you running. This particular version of the auth plugin is only for ES v1.4.0, at least that is what the github page for it is saying. https://github.com/codelibs/elasticsearch-auth

Auth Tested On Elasticsearch
master 1.7.x
1.4.0 1.4.0
1.3.0 1.3.1
1.2.0 1.2.1
1.1.0 1.0.0
1.0.1 0.90.11


(Tim Dunphy) #3

I'm running ES 1.7,1 and yes I'm using 1.4.0 of auth.

Thanks,
Tim


(system) #4