Has anyone had any luck with using http-basic with ES 1.4.2? I just want to
put some basic security on my ES instance from outside of the clusters and
this appears to be the easiest way with just white listing my other nodes.
When I install it and configure it, it shows it going to the http-basic
plugin but it always accepts the username/password from localhost even if I
put the wrong info in there. It also never prompts for username/password
from other IPs connecting to it.
Locally it shows this:
[root@elasticsearch1 http-basic]# curl -v --user bob:wrongpassword
- About to connect() to localhost port 9200 (#0)
- Trying 127.0.0.1... connected
- Connected to localhost (127.0.0.1) port 9200 (#0)
- Server auth using Basic with user 'bob'
GET / HTTP/1.1
Authorization: Basic Ym9iOnBhc3N3b3JkMTIzNTU1
User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
NSS/188.8.131.52 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
< HTTP/1.1 200 OK
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 9
- Connection #0 to host localhost left intact
- Closing connection #0
From external sources it shows this in the logs.
Authorization:null, Host:192.168.1.4:9200, Path:/, :null,
Request-IP:192.168.1.4, Client-IP:null, X-Client-IPnull
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/7d2f2ac4-a8fd-4538-bc21-e0cde135a84d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.