Kibana/Elasticsearch do not pop up dialog for Username and Password when using Custom Realm with Shield

security

(Raghu) #1

Hi,

I'm trying to create a custom realm to authenticate users for Kibana and Elasticsearch using
https://github.com/elastic/shield-custom-realm-example and I've setup the configuration for my custom realm in elasticsearch.yml. But neither elasticsearch (localhost:9200) nor kibana (localhost:5601) prompt for a dialog box asking for username and password and throws this exception:

{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"crowd-challenge"}}],"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"crowd-challenge"}},"status":401}

It works fine with esusers realm though.

versions we are using:
elasticsearch 2.1.0
kibana 4.3.1
shield 2.1.0


(Jay Modi) #2

Hi,

I believe that your custom realm is sending back the incorrect WWW-Authenticate header. It appears that it is sending a value of crowd-challenge, which a browser will not recognize. If you want the authentication dialog box, try sending basic as the value or one of the values.


(system) #3