where it says "Using the Java Node Client with Shield is not recommended or supported."
What does this actually mean ?
Requirement:
We have Elastic Search embedded in our application rather than as a service. We are using java node clients (I believe anything which we use to talk to Cluster apart from transport clients are referred as node clients...please correct me if i am wrong ) to talk to the ES Cluster from within our application. Now we have a requirement to authenticate access to indexes. I know Transport clients does this by setting authorisation headers. But what about the java node clients ? is is possible to authenticate the java node clients using HTTP Authentication against Search guard Internal Users Database ?
What exactly does "NodeClients are not supported by Search Guard" mean ?
A node client isn't supported for use with Shield since the client needs to join the cluster and would need the system key (if in use) and the setup is complicated since the files need to be in specific locations especially when embedding.
Does that mean a nodeClient (Master or Data or Client node in ES Terminoloy) cannot be authenticated using Shield's Authenicaion capabilities ?
We wanted to have some username/password auhentication kind of access to the indexes using Shield?Is it possible with only the Java NodeClients around ?
The only way we have in our application to communicate with the ES Cluster to query indexes is Java Node Client.
What about the encryption ? Do you think using es node client reference to access the indexes could cause any problems ?
You have not explained why you cannot use a transport client and why you must use a node client. If you are using a node client, then you should also be able to use a transport client.
As the documents state, we do not support the use of Shield with an embedded node client. It can work, but there are no instructions available on how to make it work and you won't be following our best security practices.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.