Security_exception with curl

security

#1

Hi, my first steps with shield 2.3 and some troubles with this plugin.

I create an user superadmin3 and all seems OK

#  ./esusers useradd superadmin3 -r admin --path.conf=/etc/elasticsearch/
Enter new password:
Retype new password:

 # ./esusers list
kibana4-server : kibana4_server
superadmin     : admin
superadmin3    : admin
es_admin       : admin

but a basic curl fail:

# curl -u superadmin3:elastic  -XGET 'http://localhost:9200/'
{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [superadmin3] for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"shield\""}}],"type":"security_exception","reason":"unable to authenticate user [superadmin3] for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"shield\""}},"status":401}

My configuration for realm:

# tail -6 /etc/elasticsearch/elasticsearch.yml
shield:
  authc:
    realms:
      native1:
        type: native
        order: 0

What's wrong ?
thanks for your tips


(Tim Vernum) #2
./esusers useradd superadmin3 -r admin --path.conf=/etc/elasticsearch/

The esusers command manages the shield file realm.

    realms:
      native1:
        type: native

You have configured your server to have a native realm, file based users do not work in the native realm.

You either need to add the file realm to your config file, or use the native users API to manage your users.


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.