I have set the below configuration in elasticsearch.yml for LDAP authentication. Even though there is no basic realm in config, Error returned is from basic security as below.
in your configuration but I'm not sure if you just left it out.
Regarding the situation at hand , the error is
missing authentication token for REST request
This seems to suggest that you are not passing the user (and password) parameters in your request.
Assuming you are trying to hit /_cat/nodes?v try with
curl -XGET -u <your_user> 'http://localhost:9200/_cat/nodes?v' and you will be prompted for the ldap password of the that user .
As stated in the documentation the value of the attribute: setting above will affect which attribute <your_user> will be matched against in your LDAP ( cn, uid, etc )
From the xdap documentation, we didn't find any attribute that is mandatory. If we need to provide can you kindly provide us the sample input.
We are actually using the mentioned curl command to hit the elastic search.
Problem is if we send default username, password i.e elastic and changeme, it works fine.
But when we try to send ldap based username and password it throws the mentioned error.
The default value for the attribute is uid and if you want to change that then you should use the user_search.filter as stated in the documentation, instead of user_search.attribute (which I mistakenly suggested above) since it is deprecated.
I will not be able to help you much further if I don't have a view of how your user objects are stored in your LDAP directory. Can you share an example of a user located under DC=rd,DC=net so that I can guide you to change your realm settings ?
That's great to hear but please note that user_search.attribute is deprecated so it will be removed in future versions. In order to future proof your configuration, please made this rather simple change :
Assuming that the attribute is cn (replace it with the one you use - if not ) , change
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.