Hello,
I encounter a trouble in the Shield installation
My installation is based on
- Kibana-4.4.2-linux-x64
- ElasticSearch 2.2.0
- Shield 2.2.0
I installed:
/usr/share/elasticsearch/bin/plugin install file:///data/ELK/sources/plugin-shield/shield-2.2.0.zip
/usr/share/elasticsearch/bin/shield/esusers useradd admin -p mypassword -r admin
/usr/share/elasticsearch/bin/shield/esusers useradd user -p mypassword -r user
/usr/share/elasticsearch/bin/shield/esusers useradd kibana4-server -r kibana4_server -p mypassword
/data/ELK/kibana/bin/kibana plugin -i shield -u file:///data/ELK/sources/plugin-shield/shield-2.2.0.tar.gz
The user "user" belongs to the group "user":
## Read-only operations on indices
#user:
# indices:
# '*':
# privileges: read
I put in
/etc/elasticsearch/elasticsearch.yml
shield:
authc:
realms:
esusers1:
type: esusers
order: 0
shield.audit.enabled: true
in
/data/ELK/kibana/config/kibana.yml
elasticsearch.username: kibana4-server
elasticsearch.password: mypassword
# SSL for outgoing requests from the Kibana Server to the browser (PEM formatted)
server.ssl.cert: /data/ELK/sslcert/mycert.crt
server.ssl.key: /data/ELK/sslcert/mycert.key
shield.encryptionKey: "mypassphrase"
shield.sessionTimeout: 600000
When I open https: //xx.xx.xx.xx:5600
I get the login window.
I can log but I have 2 problems
-
With a user that does not exist I'm logged correctly ... It's very strange!
-
When I connect with the user "user" which belongs to the group "user", I can delete indice. But with the "user" role privileges, it supposed to be refused!
-
http: //xx.xx.xx.xx:5600 is already open. I don't have any login windows to access of elasticsearch web interface
Can you help me ?
Thanks