Problem with Shield installation

pittoch · March 23, 2016, 1:36pm

Hello,

I encounter a trouble in the Shield installation

My installation is based on

Kibana-4.4.2-linux-x64
ElasticSearch 2.2.0
Shield 2.2.0

I installed:

/usr/share/elasticsearch/bin/plugin install file:///data/ELK/sources/plugin-shield/shield-2.2.0.zip

/usr/share/elasticsearch/bin/shield/esusers useradd admin -p mypassword -r admin
/usr/share/elasticsearch/bin/shield/esusers useradd user -p mypassword -r user
/usr/share/elasticsearch/bin/shield/esusers useradd kibana4-server -r kibana4_server -p mypassword

/data/ELK/kibana/bin/kibana plugin -i shield -u file:///data/ELK/sources/plugin-shield/shield-2.2.0.tar.gz

The user "user" belongs to the group "user":

 ## Read-only operations on indices
 #user:
 #  indices:
 #    '*':
 #      privileges: read

I put in

/etc/elasticsearch/elasticsearch.yml

shield:
  authc:
    realms:
      esusers1:
        type: esusers
        order: 0

shield.audit.enabled: true

in
/data/ELK/kibana/config/kibana.yml

elasticsearch.username: kibana4-server
elasticsearch.password: mypassword

# SSL for outgoing requests from the Kibana Server to the browser (PEM formatted)
server.ssl.cert: /data/ELK/sslcert/mycert.crt
server.ssl.key: /data/ELK/sslcert/mycert.key

shield.encryptionKey: "mypassphrase"
shield.sessionTimeout: 600000

When I open https: //xx.xx.xx.xx:5600
I get the login window.
I can log but I have 2 problems

With a user that does not exist I'm logged correctly ... It's very strange!
When I connect with the user "user" which belongs to the group "user", I can delete indice. But with the "user" role privileges, it supposed to be refused!
http: //xx.xx.xx.xx:5600 is already open. I don't have any login windows to access of elasticsearch web interface

Can you help me ?

Thanks

Michael1 · March 23, 2016, 5:59pm

I am having the same problem with #1 - I can type anything into the Username/Password box and it get's in every time!!!!

jaymode · March 23, 2016, 6:24pm

Your user role that you show looks like it is commented out, is that accurate?

pittoch · March 23, 2016, 8:19pm

in my file I have no comment on the configuration.

Also, when I open ElasticSearch at xx.xx.xx.xx:9200 , no authentication asked me...

I wonder if my problems are not connected with the fact that I installed just before Marvel with a basic license 1 year .
Iread somewhere that it disables basic demo license for 30 days of schield or other plugin like watcher. Actually when I look xx.xx.xx : 9200 / _schield , the plugin does not appear activated.

 curl -u es_admin http://127.0.0.1:9200/_shield
{
  "status" : "unlicensed",
  "name" : "node-1",

jaymode · March 23, 2016, 8:33pm

@pittoch Your hunch is correct. A basic license will disable Shield. If you would like to evaluate Shield, you can email info@elastic.co to request a trial license that will enable.

Topic		Replies	Views
Kibana login Elasticsearch elastic-stack-security	5	1190	July 6, 2017
Kibana Shield Configuration Elasticsearch elastic-stack-security	8	5380	July 6, 2017
Shield authentication issue Elasticsearch elastic-stack-security	12	2195	July 6, 2017
[SHIELD] Kibana to Elasticsearch Elasticsearch elastic-stack-security	9	1634	December 30, 2016
Shield - The user can see everyhting? Elasticsearch elastic-stack-security	4	952	July 6, 2017

Problem with Shield installation

Related Topics