Elastic shield documentation mentions that it can cache users for authentication However there's no clear explanation or an example on how to achieve this.
I have a native realm user and a file realm user (for file realm user I configured following)
When I make a rest call using rest client or curl
I would need to pass username/password with each request
curl -u filerealmusername:password -XGET'http://localhost:9600/_shield/user/username?pretty'
1 . How do I avoid passing username:password in subsequent requests ?
- I'm trying to achieve this in elasticsearch python client , essentially I need to avoid passing username password in each request explicitly. For Instance following
es = Elasticsearch(
Currently, Shield and X-Pack only support basic authentication. The caching is an internal mechanism to improve performance but your requests still need to provide the username and password every time.
Tokens and/or sessions are something we are currently looking at but these will only be available in X-Pack.
I see, I have integrated kibana through shield with elastic search and I have noticed that this requires username/password to be logged in once and maintained for session.
Kibana creates a session. May I know how is it able to achieve the same, as sessions are not supported in shield ?
Is there by any other means I can achieve a session like functionality in python ? For instance cookies or something similar ?
The session is at the Kibana layer only; Kibana still needs to pass the authentication credentials to elasticsearch.
Does the official python client elasticsearch-py client facilitates similar capabilities for maintaining a session or cookies etc. ?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.