For example, I have an Elasticsearch cluster with a single user and two different applications that want to retrieve all documents from the index to process them. Both applications are using search with scroll mechanism and same user credentials.

Is there a chance that documents in the index will be divided between two applications, because generated scroll IDs contains same info about user which perform requests?

I've read this documentation page and as I understand, the behavior I mentioned above is a normal situation?

That's a concern. If they are different then it makes sense to have different credentials.

Based on what the docs say, yes, there is a chance because you're sharing credentials.

No, that is not possible.
The scroll id describes the state of a single request, if two requests are sent they will have separate scroll ids, even if they are for the same user.

That is a section titled Resource sharing check for users and API keys it means that if your two applications share a userid, nothing within security will stop them from accessing the scrolls of the other application. Elasticsearch will treat the 2 applications as the same user, and allow them to share resources.

Does that apply if it's the same request?

By "same request" I assume you mean "exact same query", in which case yes, it still applies.

Scroll works correctly when security is not enabled - two identical queries will each get a different scroll id. Security doesn't break that.

Ok, I misunderstood the docs then.

The result of async search and scroll requests can be retrieved later by the same user or API key that submitted the initial request.

I guess that should be expanded to say something about it needing to be using the exact same scroll ID that was returned.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.