Docker - app_search - how to find default password

How to find out or set password for user: app_search in App Search Docker?

Can not login via: http://localhost:3002/login and keep getting: "Authentication has failed
Invalid credentials"

From logs I can see that AppSearch successfully connects to ElasticSearch.

Thanks

Hi @byteandbit :wave:

As mentioned here you can set a fixed default password by setting the APP_SEARCH_DEFAULT_PASSWORD environment variable.

Setting the default password only works on the initial boot so if you want to reset it afterwards you should run bin/app-search --reset-auth or in the case with Docker Compose you would do docker-compose run app-search --reset-auth.

Oh and to answer "how to find default password", the default password will be logged to the console but only on the initial boot, so if you didn't notice it, it might be hard to retrieve it now.

hi @orhantoy thank you for the response.

I am running ElasticSearch and Kibana in Docker containers on Kubernetes, and AppSearch is running in Docker on Kubernetes too. Unfortunately I have missed the initial boot.... I have tried
bin/app-search --reset-auth but it does not work. It shows new password however when I go to http://localhost:3002/login and try to login I am getting exactly the same massage: "Authentication has failed Invalid credentials". I have also tried to set env variable APP_SEARCH_DEFAULT_PASSWORD but exactly the same effect: "Authentication has failed Invalid credentials".

Do you know if the password for app_search user is saved in AppSearch container or it saved in some index on ElasticSearch? If it is in AppSearch how can I reset in Docker on Kubernetes?

Thanks

The app_search user is managed in Elasticsearch so you could also use the Change password API directly.

Thanks.

But I use app_search.auth.source: standard. Does Elasticsearch manage app_search in such case too?

Anyway I have run GET /_security/user and got following output:

{
  "app_search" : {
    "username" : "app_search",
    "roles" : [ ],
    "full_name" : "app_search",
    "email" : "app-search@example.com",
    "metadata" : { },
    "enabled" : true
  }
}

I have also successfully run:

POST /_security/user/app_search/_password
{
"password" : "test"
}

But still the same front end error Authentication has failed invalid credentials and in the appserach logs I can see always (with unsuccessful login) following:
action_controller][INFO]: [1c44b989-67f1-4996-8ce5-93eb0f005550] Completed 403 Forbidden in 105ms (Views: 18.2ms)

Any Idea?

Can you try to change the password after App Search has booted up (via the ES Security API)? And then try to log in again.

And yes, Elasticsearch manages users in the standard auth source case as well.

I have tried that already and same result.

See following log/trace from AppSearch.

I am always getting (see at the very bottom):

Completed 403 Forbidden in...

2020-01-06T22:53:50.538+00:00][14][2352][action_controller][INFO]: [9517012c-8a44-4115-8f59-d5f883fef0e0] Redirected to http://localhost:3002/login
[2020-01-06T22:53:50.553+00:00][14][2352][action_controller][INFO]: [9517012c-8a44-4115-8f59-d5f883fef0e0] Completed 302 Found in 57ms
[2020-01-06T22:53:50.606+00:00][14][2304][app-server][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Started GET "/login" for 127.0.0.1 at 2020-01-06 22:53:50 +0000
[2020-01-06T22:53:50.616+00:00][14][2304][action_controller][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Processing by LocoTogo::SessionsController#login as HTML
[2020-01-06T22:53:50.617+00:00][14][2304][action_controller][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Parameters: {"host"=>"localhost:3002", "protocol"=>"http"}
[2020-01-06T22:53:50.700+00:00][14][2304][action_view][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Rendered eui_icons/_close.html (0.4ms)
[2020-01-06T22:53:50.713+00:00][14][2304][action_view][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Rendered eui_icons/_lock.html (0.3ms)
[2020-01-06T22:53:50.756+00:00][14][2304][action_view][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Rendered loco_togo/app/views/loco_togo/sessions/login.html.rb (90.6ms)
[2020-01-06T22:53:50.758+00:00][14][2304][action_controller][INFO]: [8a622bd8-03d9-4bad-88a8-edd64f85ecaa] Completed 200 OK in 140ms (Views: 99.4ms)
[2020-01-06T22:54:04.915+00:00][14][2304][app-server][INFO]: [718f2fe8-1536-4097-836b-a06b19a24df8] Started POST "/authenticate/sign_in" for 127.0.0.1 at 2020-01-06 22:54:04 +0000
[2020-01-06T22:54:04.930+00:00][14][2304][cache][DEBUG]: [718f2fe8-1536-4097-836b-a06b19a24df8] Cache read: rack::attack:438430:logins/email:app_search ({:expires_in=>357})
[2020-01-06T22:54:04.931+00:00][14][2304][cache][DEBUG]: [718f2fe8-1536-4097-836b-a06b19a24df8] Cache write: rack::attack:438430:logins/email:app_search ({:expires_in=>357})
[2020-01-06T22:54:04.939+00:00][14][2304][action_controller][INFO]: [718f2fe8-1536-4097-836b-a06b19a24df8] Processing by AuthenticateController#login as /
[2020-01-06T22:54:04.939+00:00][14][2304][action_controller][INFO]: [718f2fe8-1536-4097-836b-a06b19a24df8] Parameters: {"auth_strategy"=>"password", "user"=>{"email"=>"app_search", "password"=>"[FILTERED]"}, "host"=>"localhost:3002", "protocol"=>"http"}
[2020-01-06T22:54:04.963+00:00][14][2304][action_view][INFO]: [718f2fe8-1536-4097-836b-a06b19a24df8] Rendered text template (0.1ms)
[2020-01-06T22:54:04.964+00:00][14][2304][action_controller][INFO]: [718f2fe8-1536-4097-836b-a06b19a24df8] Completed 403 Forbidden in 24ms (Views: 4.8ms)

Where to find any more info? Is the source code available somewhere?

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.