ERROR: I got a security_exception when i was open discover page: missing authentication credentials for REST request /_msearch

liu78778 · May 18, 2020, 11:53am

Kibana version : 7.4.2

Elasticsearch version : 7.4.2

Server OS version : CentOS Linux release 7.4.1708 (Core)

Browser version : Chrome 80.0.3987.132

Browser OS version : Windows 10.0.18363

Original install method (e.g. download page, yum, from source, etc.) :
Clone form https://github.com/elastic/kibana.git

Description of the problem including expected versus actual behavior :
I started Kibana on oss mode, When I open the discover page, I get an error

server   error  [10:32:19.006]  [security_exception] missing authentication credentials for REST request [/_msearch?rest_total_hits_as_int=true&ignore_throttled=true], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } } :: {"path":"/_msearch","query":{"rest_total_hits_as_int":"true","ignore_throttled":"true"},"body":"{\"index\":\"statistic-*\",\"ignore_unavailable\":true,\"preference\":1589797935832}\n{\"timeout\":\"30000ms\",\"version\":true,\"size\":500,\"sort\":[{\"_score\":{\"order\":\"desc\"}}],\"_source\":{\"excludes\":[]},\"stored_fields\":[\"*\"],\"script_fields\":{},\"docvalue_fields\":[],\"query\":{\"bool\":{\"must\":[],\"filter\":[{\"match_all\":{}}],\"should\":[],\"must_not\":[]}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647}}\n","statusCode":401,"response":"{\"error\":{\"root_cause\":[{\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/_msearch?rest_total_hits_as_int=true&ignore_throttled=true]\",\"header\":{\"WWW-Authenticate\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}}],\"type\":\"security_exception\",\"reason\":\"missing authentication credentials for REST request [/_msearch?rest_total_hits_as_int=true&ignore_throttled=true]\",\"header\":{\"WWW-Authenticate\":\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"}},\"status\":401}","wwwAuthenticateDirective":"Basic realm=\"security\" charset=\"UTF-8\""}
    at respond (E:\workspace\workspace-elk\kibana\node_modules\elasticsearch\src\lib\transport.js:349:15)
    at checkRespForFailure (E:\workspace\workspace-elk\kibana\node_modules\elasticsearch\src\lib\transport.js:306:7)
    at HttpConnector.<anonymous> (E:\workspace\workspace-elk\kibana\node_modules\elasticsearch\src\lib\connectors\http.js:173:7)
    at IncomingMessage.wrapper (E:\workspace\workspace-elk\kibana\node_modules\elasticsearch\node_modules\lodash\lodash.js:4929:19)
    at IncomingMessage.emit (events.js:194:15)
    at endReadableNT (_stream_readable.js:1103:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)

Does anyone know how to deal with this?

rashmi · May 26, 2020, 10:03pm

Can you open it in an incognito browser and check the behavior.
This exception looks like a request without authentication credentials which throws this Exception as security is now enabled.

How are you executing this request? If it came from a Browser, then you'd be prompted for authentication (Basic Authentication) . If you're using i.e. curl , you need to pass the credentials with your request with -u username:password

Thanks
Rashmi

system · June 23, 2020, 10:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.