I just tried setting up Shield on my three node testcluster. I downloaded
the license and shield plugins, ran syskeygen and distributed that to all
cluster nodes.
I then ran the following command on all nodes as the es user:
./esusers useradd es_admin -r admin -p foobar1234
After a cluster restart I was asked to enter username and password when
accessing 10.10.0.72:9200 in my browser (or via curl from localhost, same
result). So far so good, but when I enter the user credentials created
above I just get returned to the login prompt.
In the cluster.log file I see the following lines:
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [elastic_node_3]
user not found in cache, proceeding with normal authentication
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [elastic_node_3]
realm [esusers] could not authenticate [es_admin]
I did not add anything to the elasticsearch.yml configuration, as the
documentation stated that this is not strictly speaking necessarry, if I am
happy to use the default esusers realm.
I am probably omitting a very simple but crucial step here, but I cannot
figure out what is wrong and am thankful for any hints as to where I might
look for the cause.
I just tried setting up Shield on my three node testcluster. I downloaded
the license and shield plugins, ran syskeygen and distributed that to all
cluster nodes.
I then ran the following command on all nodes as the es user:
./esusers useradd es_admin -r admin -p foobar1234
After a cluster restart I was asked to enter username and password when
accessing 10.10.0.72:9200 in my browser (or via curl from localhost, same
result). So far so good, but when I enter the user credentials created
above I just get returned to the login prompt.
In the cluster.log file I see the following lines:
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [
elastic_node_3] user not found in cache, proceeding with normal
authentication
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [
elastic_node_3] realm [esusers] could not authenticate [es_admin]
I did not add anything to the elasticsearch.yml configuration, as the
documentation stated that this is not strictly speaking necessarry, if I am
happy to use the default esusers realm.
I am probably omitting a very simple but crucial step here, but I cannot
figure out what is wrong and am thankful for any hints as to where I might
look for the cause.
On 15 March 2015 at 11:30, Sönke Liebau <soe...@liebau.biz <javascript:>>
wrote:
Hi everybody,
I just tried setting up Shield on my three node testcluster. I downloaded
the license and shield plugins, ran syskeygen and distributed that to all
cluster nodes.
I then ran the following command on all nodes as the es user:
./esusers useradd es_admin -r admin -p foobar1234
After a cluster restart I was asked to enter username and password when
accessing 10.10.0.72:9200 in my browser (or via curl from localhost,
same result). So far so good, but when I enter the user credentials created
above I just get returned to the login prompt.
In the cluster.log file I see the following lines:
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [
elastic_node_3] user not found in cache, proceeding with normal
authentication
[2015-03-15 18:26:00,197][DEBUG][shield.authc.esusers ] [
elastic_node_3] realm [esusers] could not authenticate [es_admin]
I did not add anything to the elasticsearch.yml configuration, as the
documentation stated that this is not strictly speaking necessarry, if I am
happy to use the default esusers realm.
I am probably omitting a very simple but crucial step here, but I cannot
figure out what is wrong and am thankful for any hints as to where I might
look for the cause.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.