I am using Elasticsearch version 1.2.1. I was looking for ways to secure access to Elasticsearch when I found the Jetty plugin. It lets me create users based on roles and is satisfying my requirements.
However it only restricts HTTP requests.
I was using Java Transport client for talking to Elasticsearch and since it uses Transport layer protocol while connecting to ES at 9300, the Jetty plugin has no effect on it.
So as an alternative to the Transport Client I have tried using the Jest Client. But I have not found any API for sending authentication credentials while inserting data or reading or when creating a client.
Is there a way in which I can pass authentication credentials in the Jest client while sending requests?
If Jest Client does not support this, are there any alternative clients which will allow me to do so?
There are so much authentication layers out there. I do not see much sense
in reinventing the wheel.
You should run ES cluster in private subnets only where nobody has access
to the machines, except your frontend service which is open to the web
(HTTP port 80/443). Such a frontend service can be an nginx reverse proxy,
Java EE container, whatever. The authentication has to take place there, at
the frontend only, not in the low level ES API, where it simply does not
fit the purpose.
I am using Elasticsearch version 1.2.1. I was looking for ways to secure
access to Elasticsearch when I found the Jetty plugin. It lets me create
users based on roles and is satisfying my requirements.
However it only restricts HTTP requests.
I was using Java Transport client for talking to Elasticsearch and since it
uses Transport layer protocol while connecting to ES at 9300, the Jetty
plugin has no effect on it.
So as an alternative to the Transport Client I have tried using the Jest
Client. But I have not found any API for sending authentication credentials
while inserting data or reading or when creating a client.
Is there a way in which I can pass authentication credentials in the Jest
client while sending requests?
If Jest Client does not support this, are there any alternative clients
which will allow me to do so?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.