AuthenticationError with Elastic Cloud

tlv324 · March 9, 2016, 2:52pm

My Cluster ID: 126812
I am trying to connect to my cluster using a NuGet package that allows me to define my host, the index name, and the type name.
For example, LogToElasticsearch("some string here", "http://id.us-east-1.aws.found.io:9200", "indexname", "typename")

However, in order to use Kibana 4 I needed to configure Shield, but now when with Shield configured I can no longer index data because my cluster is protected. How do I add authentication so I can start indexing data again.

I tried a suggestion of using http://username:password@id.us-east-1.aws.found.io:9200 but that was also unsuccessful for me.

Xu_Zhang · March 9, 2016, 7:02pm

Hi tlv324

I'm not sure if NuGet supports Shield. I think the question is not specific to cloud, the kibana forum would be a better place.

I moved this question to the Kibana category.

Thanks,
Xu

Bargs · March 9, 2016, 7:15pm

What NuGet package are you using? You'll likely need to follow any instructions that come with the package for connecting to a protected cluster.

My only suggestion is that you try using your example url with https e.g. https://username:password@id.us-east-1.aws.found.io:9200

tlv324 · March 9, 2016, 7:18pm

@Bargs
Unfortunately, there aren't any instructions for connecting to a protected cluster. It is open-source and the developers don't seem to be working on the project anymore. If I could figure out how to achieve this myself I would but I have no idea.

I am using this NuGet package.

I should also mention I tried using the endpoint for the https as well and got the same error in the logs of Elastic Cloud.

Bargs · March 9, 2016, 7:46pm

Unfortunately I don't have any experience with this package. Shield authentication works via simple basic auth, so the URL you're trying should work. The only advice I could give is to use something like Charles to see the details of the http requests the NuGet package is sending to elasticsearch. Sorry I can't be more helpful.

tlv324 · March 9, 2016, 7:53pm

No worries @Bargs ! I will take a look into a bit more eventually. I thought the URL would work as well, might have to look at how the url is parsed and see if there's something there.

tlv324 · April 15, 2016, 7:41pm

Is Charles similar to wireshark? I've been trying to use Wireshark to look at this issue.

tlv324 · April 15, 2016, 8:42pm

I should also note that in my wireshark logs I cannot see the username:password so I'm assuming the shipper I am using is doing something weird. Luckily its open source so I just need to look at it a bit more and change what isn't working

tlv324 · April 18, 2016, 3:37pm

I have done some investigation into the shipper I am using and it uses C#'s HttpClient.PostAsync method which basically takes a URI and the content and can take a cancellation token if desired. I am wondering if anyone knows if that could potentially be my issue?

tlv324 · April 18, 2016, 3:51pm

Well I've done a bit more research into this in the last few minutes and yes the HttpClient was my issue. I guess it likes to ignore the username and password in the link and you have to set the Authorization error yourself. Here are two stackoverflow articles which basically explain it.

http://stackoverflow.com/questions/18478528/how-to-use-credentials-in-httpclient-in-c

http://stackoverflow.com/questions/30858890/how-to-use-httpclient-to-post-with-authentication?lq=1