Authentication using Java API and TransportClient


(Robgratz) #1

I'm fairly new to using elasticsearch and xpack and am having trouble figuring out how to specify the username/password for authentication when connecting to a node using the TransportClient. I know my basic configuration is correct because if I go to :9200 with the browser, it prompts me for user/pw and when I enter the default credentials for user 'elastic', the page shows successfully.

I also know, other than the user/pw config, that my client application using the TransportClient is correct because if I disable authentication in the elasticsearch.yml file, I can make calls successfully to my ES node.

I've seen some mention of "xpack.security.user" as a property, but when I try setting that into the settings for connecting, it tells me that it is an invalid property.

Again, the same client succeeds when xpack.security.enabled=false, but when true, I get this error:

NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{pyXJL2PeTtGejUwbpycDUg}{127.0.0.1}{127.0.0.1:9300}]]

Any help would be greatly appreciated. Thanks.


(Alexander Reelsen) #2

Hey,

can you share your configuration of the TransportClient?

Also, you need to check if you are on Elasticsearch 2.x or 5.x. The xpack.security.user field as mentioned here is for 5.x.

Last but not least, check if you have SSL enabled or not.

--Alex


(Robgratz) #3

Here is how I create the transport client:

Settings settings = Settings.builder().build();
TransportAddress addr = new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), 9300);
TransportClient client = new PreBuiltTransportClient(settings).addTransportAddress(addr);

I am using ES 5.0.

As far as using SSL, I am using whatever the default configurations are after installing xpack. The only modification I've made on either ES or xpack is adding the xpack.security.enabled property so I could try everything with authentication turned off. Again, the exact same client and configuration works when I disable security, but when I enable it, I get the previously specified error.

Thank you for the link. I'll go through that information that I previously had not found.


(Alexander Reelsen) #4

So, where is your xpack.security.user configuration for that transport client (or the error message that you having)? You need configure authentication for the transport client, either globally for all requests or for every single one? Did you take a look at a link that I had in my last post with the example?

--Alex


(Alexander Reelsen) #5

On top the link above also uses the specific PreBuiltXPackTransportClient class


(Robgratz) #6

Thanks for the information. I had not seen the link you provided so when I set the xpack.security.user property it told me it was an invalid property so I took it out. Problem was I didn't realize there was a specific xpack-transport jar file I needed as well. My guess is that will enable setting the xpack.security.user property without throwing an error and also make available the xpack transport class you just mentioned.

With that said, when will that transport jar be made available on the main maven repositories. I am having trouble accessing the elasticsearch repository mentioned in the documentation. So, needless to say, I haven't been able to try the suggestions that you and the documentation have made. I've tried hitting the repo straight from the browser which works for the other repos we use and that doesn't work and I've tried adding the repository configuration to my pom and that hasn't worked either. Anyone else having any issues on that front?

Again, thanks for the help. Think I'm close but just need to get that jar file.


(Alexander Reelsen) #7

Hey,

we cant put that transport client into the maven repo, because it is not open source. If you have issues connecting to the elastic repo lets make sure we debug those, can you show what does not work? Can you paste your mvn configuration along with the output you got?

--Alex


(Robgratz) #8

The transport client isn't open source? I didn't see anything about licensing on that. Does that mean that xpack is also not open source?

I've added the repo specified in the documentation to our local repository as a proxy and all that I see when browsing that repo is an archetype-catalog. No jar file artifacts. When I try hitting that URL from the browser I now get redirected to:
https://www.elastic.co/downloads


(Alexander Reelsen) #9

Hey,

the PreBuiltXPackTransportClient class is part of x-pack, which in turn is not open source and thus not propagated to sonatype.

--Alex


(Robgratz) #10

So I'm confused. I don't see anywhere in any documentation that talks about how to license that product. Can you point me to that information? We really don't have an option of running elasticsearch wide open as it is by default.


(Alexander Reelsen) #11

Sure, you might wanna check out license management documentation or head over to the subscriptions page

--Alex


(Robgratz) #12

Thank you. That's exactly what I need. Appreciate all the help.


(system) #13