Hi
On rest /api/security/v1/users
I'm getting :
{"statusCode":403,"error":"Forbidden","message":"Access is denied because Security is disabled in Elasticsearch."}
But i did everything according to security docs.
I have xpack.security.enabled: true and others.
How can i debug the root cause ?
Moreover - on url /_security/_authenticate?pretty
I'm getting more detailed info:
"Security must be explicitly enabled when using a trial license. Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file and restart the node."
But i really have this option enabled ...
Hi @Piotr_Komisarski, Which version of the Elastic Stack are you using? I assume you've updated xpack.security.enabled in the elasticsearch.yml on each of your nodes, and performed a restart of each?
7.0.1.
Yes - everything was restarted
Stacktrace:
org.elasticsearch.ElasticsearchException: Security must be explicitly enabled when using a trial license. Enable security by setting [xpack.security.enabled] to [true] in the elasticsearch.yml file and restart the node.
at org.elasticsearch.xpack.security.rest.action.SecurityBaseRestHandler.checkFeatureAvailable(SecurityBaseRestHandler.java:75) ~[?:?]
at org.elasticsearch.xpack.security.rest.action.SecurityBaseRestHandler.prepareRequest(SecurityBaseRestHandler.java:51) ~[?:?]
at org.elasticsearch.rest.BaseRestHandler.handleRequest(BaseRestHandler.java:92) [elasticsearch-7.0.1.jar:7.0.1]
at org.elasticsearch.xpack.security.rest.SecurityRestFilter.handleRequest(SecurityRestFilter.java:69) [x-pack-security-7.0.1.jar:7.0.1]
at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:240) [elasticsearch-7.0.1.jar:7.0.1]
at org.elasticsearch.rest.RestController.tryAllHandlers(RestController.java:337) [elasticsearch-7.0.1.jar:7.0.1]
at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:174) [elasticsearch-7.0.1.jar:7.0.1]
Hey @Piotr_Komisarski, that should be all that is required to enable security in Elasticsearch. If you try to curl http://localhost:9200 what do you get back?
{
"name" : "elk",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "lmBMkDs0TXq-V--NLYXEqA",
"version" : {
"number" : "7.0.1",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "e4efcb5",
"build_date" : "2019-04-29T12:56:03.145736Z",
"build_snapshot" : false,
"lucene_version" : "8.0.0",
"minimum_wire_compatibility_version" : "6.7.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
Not sure if this is relevant, but during startup i have this info in log:
[2019-06-06T23:35:39,630][INFO ][o.e.p.PluginsService ] [elk] loaded module [x-pack-security]
Please post your elasticsearch.yml here.
It looks like something is wrong there, but we won't be able to debug it by guessing.
RIght now the only uncommented line is:
xpack.security.enabled: true
Are you 100% sure that you're editing the correct file?
I've never seen this occur before, so it feels like the cause it likely to be enviromental.
Can you provide the output of:
curl 'http://localhost:9200/_xpack'
and
curl 'http://localhost:9200/_cluster/settings?include_defaults=true&pretty' | grep -A12 '"security"'
Hi
Sorry for this, but I was changing incorrect .yml file.
I'm using elk from docker image and there are 2 files:
But since we're here i have a question:
In some documentation there is a statement:
The elastic user is a superuser . We don't recommend using it for any purpose other than administering the system.
From this reason i have rather easy password for elastic. I want to expose kibana to the world so how can i disable elastic user from login to kibana ?
There is no way to do that.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.