I checked the documentation of elasticsearch:7.x but still didn't find the way how I can force the python ES package to use my kerberos token.
I can reach the ES through a browser, curl( curl --negotiate -u ) and requests with requests_kerberos( with mutual OPTIONAL config ) but with the python-es package calling a simple es.cat.health() I get 401AuthenticationException.
My questions are:
Where was I wrong? What did I miss?
Is it even possible to force the ES python lib to use kerberos or does it work under the hood?
It seems We've found a solution, but basically not from the docs.
I've read in the doc about the Elasticsearch object can receive http_auth input, but unfortunately I didn't find what it exactly waits for.
So, you can force the Elasticsearch to use the HTTPKerberosAuth class from the requests_kerberos lib in same way as you can use that for a simple get request >
es = Elasticsearch(<host>, http_auth=HTTPKerberosAuth(mutual_authentication=OPTIONAL))
It works well, but any other suggestions, knowledge share or comments are welcomed.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.