Shield and Grails application

security

(Pvsousalima) #1

Hello!

I am using ElasticSearch in a project for my company. I'm also using shield to make security via http enabled, this way I won't have my ES instance receiving requests from "strangers".

The problem is that the server side is written using the Grails Framework. I'm using the Grails official plugin to connect to a given ES instance running.

It works fine, until I get to install shield. The grails application says it can't find a node available to connect (I guess the Shield returns 401 not giving auth to my Grails application).

How do I send my authorization (in header HTTP request like: Authorization: BASE64 String) through Grails to connect to my ES instance (protected with Shield?) I'm running in the transport mode, so it'll be able to only connect to my aside instance of ES.

I want make my grails app be the only one to be ale to athenticate and get info (search, index) from my ElasticSearch. Any clue? Thank you very much :slight_smile:


(Jay Modi) #2

What version of elasticsearch and shield are you using? I do not have any experience with the grails plugin and it is not something that we officially support. We do offer a groovy client https://github.com/elastic/elasticsearch-groovy

In general, you need to ensure the transport client loads the shield plugin and specify the shield.user setting. Step 3 will give you an idea of the code in Java: https://www.elastic.co/guide/en/shield/current/_using_elasticsearch_java_clients_with_shield.html#transport-client

According to this page: http://noamt.github.io/elasticsearch-grails-plugin/guide/configuration.html, I think you need to use elasticSearch.path.plugins and elasticSearch.bootstrap.transportSettings.file settings


(Pvsousalima) #3

Thanks for your reply @jaymode !!!

I'm using the version 1.7.0 of elasticsearch. And its respective version for shield, the one that supports elasticsearch = 1.x.x

Where do I put that settings file? any clue?


(Jay Modi) #4

In that case, you will want to look at the documentation for Shield 1.3: https://www.elastic.co/guide/en/shield/shield-1.3/_using_elasticsearch_java_clients_with_shield.html

I'm not sure where to put the settings file in a grails application; you may need to contact the author of this grails plugin or a community support site for it if one exists.


(system) #5