Error: shield.authc.esnative

security

(piyush) #1

Hi Jai,
Please help resolve the error below:

Moreover, I am very much interested to know how Elasticsearch nodes are interacting with each other after Shield implementation. How are they getting authenticated?
[2016-10-26 18:46:33,047][WARN ][shield.transport ] [es-master-node] Received response for a request that has timed out, sent [19495ms] ago, timed out [4495ms] ago, action [cluster:monitor/nodes/stats[n]], node [{es-data-node-4}{HD4dxgp2ScaNs6bQEpChUw}{...11.98}{...11.98:9300}{master=false}], id [133069]
[2016-10-26 19:00:09,681][DEBUG][action.search ] [es-master-node] [767] Failed to execute query phase
RemoteTransportException[[es-data-node-2][...1.50:9300][indices:data/read/search[phase/query+fetch/scroll]]]; nested: SearchContextMissingException[No search context found for id [767]];
Caused by: SearchContextMissingException[No search context found for id [767]]
at org.elasticsearch.search.SearchService.findContext(SearchService.java:613)
at org.elasticsearch.search.SearchService.executeFetchPhase(SearchService.java:542)
at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryFetchScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:416)
at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryFetchScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:413)
at org.elasticsearch.transport.TransportRequestHandler.messageReceived(TransportRequestHandler.java:33)
at org.elasticsearch.shield.transport.ShieldServerTransportService$ProfileSecuredRequestHandler.messageReceived(ShieldServerTransportService.java:180)
at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:75)
at org.elasticsearch.transport.netty.MessageChannelHandler$RequestHandler.doRun(MessageChannelHandler.java:300)
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
[2016-10-26 19:00:09,682][ERROR][shield.authc.esnative ] [es-master-node] error occurred while checking the native users for changes
Failed to execute phase [query_fetch], all shards failed; shardFailures {RemoteTransportException[[es-data-node-2][...1.50:9300][indices:data/read/search[phase/query+fetch/scroll]]]; nested: SearchContextMissingException[No search context found for id [767]]; }
at org.elasticsearch.action.search.SearchScrollQueryAndFetchAsyncAction.onPhaseFailure(SearchScrollQueryAndFetchAsyncAction.java:155)
at org.elasticsearch.action.search.SearchScrollQueryAndFetchAsyncAction.access$300(SearchScrollQueryAndFetchAsyncAction.java:41)
at org.elasticsearch.action.search.SearchScrollQueryAndFetchAsyncAction$1.onFailure(SearchScrollQueryAndFetchAsyncAction.java:142)
at org.elasticsearch.action.ActionListenerResponseHandler.handleException(ActionListenerResponseHandler.java:46)
at org.elasticsearch.transport.netty.MessageChannelHandler.handleException(MessageChannelHandler.java:212)
at org.elasticsearch.transport.netty.MessageChannelHandler.handlerResponseError(MessageChannelHandler.java:202)
at org.elasticsearch.transport.netty.MessageChannelHandler.messageReceived(MessageChannelHandler.java:136)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:296)
at org.jboss.netty.handler.codec.frame.FrameDecoder.unfoldAndFireMessageReceived(FrameDecoder.java:462)
at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:443)
at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255)

Thanks & Regards


(CJ Cenizal) #2

Hi Piyush,

It's been a couple of days, and I just wanted to check in and see if you still need help with this error?

Thanks,
CJ


(piyush) #3

Yes please.

The ELK stack is in production and I disabled Shield for now, due to this error.


(Jay Modi) #4

Hey @piyush, are you using LDAP or Active Directory with unmapped_groups_as_roles?


(piyush) #5

Active Directory and it's true. PFA my configuration:

    shield:
      authc:
        realms:
          ccsad:
            type: active_directory
            order: 0
            domain_name: .com
            url: ldap://.com:389
            unmapped_groups_as_roles: true


(Jay Modi) #6

Can you try with unmapped_groups_as_roles disabled? That should resolve the issue; we'll be fixing this in an upcoming patch release.


(piyush) #7

It worked, thanks Jay.
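An added configuration sketch, not part of the original thread: the realm from post #5 with the workaround applied, plus the explicit group-to-role mapping it then needs. With unmapped_groups_as_roles off, AD group names are no longer used as role names, so users get only the roles listed for their groups in Shield's role mapping file. The domain, host, group DNs and role names below are constructed placeholders.

```yaml
# elasticsearch.yml: Active Directory realm with the workaround applied.
# example.com and ad.example.com are placeholders; the thread redacts the real values.
shield:
  authc:
    realms:
      ccsad:
        type: active_directory
        order: 0
        domain_name: example.com
        url: ldap://ad.example.com:389
        unmapped_groups_as_roles: false   # was true in post #5
---
# role_mapping.yml: Shield role name -> list of AD group DNs.
# The role names must exist in roles.yml; "admin" and "user" are assumed here.
# The group DNs are constructed examples.
admin:
  - "CN=es-admins,OU=Groups,DC=example,DC=com"
user:
  - "CN=es-users,OU=Groups,DC=example,DC=com"
  - "CN=es-admins,OU=Groups,DC=example,DC=com"
```

A user whose groups appear under no role authenticates successfully but holds no roles, so check the mapping against every group that relied on the old behaviour before re-enabling Shield in production.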

