Unable to login

Elastic Search
1

Hi,

I've just installed Elasticsearch, Kibana and Enterprise Search via docker on desktop.
It is a three node elastic cluster with Kibana and enterprise search https://www.elastic.co/guide/en/elastic-stack-get-started/current/get-started-docker.html#get-started-docker-tls

I can see in the logs

#########################################################

Success! Elastic Enterprise Search is starting successfully.

In a few moments, you'll be able to login at the following address:

 * URL: http://localhost:3002
 * If this is your first time starting Enterprise Search, check the console output above for your user authentication credentials.

    etc

#########################################################

and also

#########################################################
*** Default user credentials have been setup. These are only printed once, so please ensure they are recorded. ***

username: enterprise_search
password: ****

#########################################################

However when I attempt to access https://localhost:3002/login
using the enterprise_search user and password from the console I get "Username or password is incorrect"

The password displayed is the same as ENT_SEARCH_DEFAULT_PASSWORD from the docker compose file.

I've also tried the elastic password, but same result "Username or password is incorrect"

I've checked the log files and there isn't anything useful in there.

Any ideas?

Thanks Georgina

2

Additionally I have tried the docker compose files at

And when everything has started
Open http://localhost:3002 and attempted to login with enterprise_search / changeme account.

with the same result "Username or password is incorrect".

3

That's really weird. Can you paste the Dockerfile / Docker compose file you're using (without your password, of course)?

Did you change anything from David's post? I just followed his walkthrough of using docker-compose and it worked beautifully.

4

I used David's files exactly as is, simply copy/pasted into new files on my local computer and ran
docker-compose -f docker-compose.yml -f docker-compose-enterprise-search.yml up

I have found the following lines in the logs that suggest a problem when attempting to login as enterprise_search. However, I'm not sure how to fix it.

enterprisesearch_1  | [2020-12-07T02:56:51.687+00:00][1][2512][app-server][INFO]: [d315be3b-f601-4318-b644-d542a17a9d18] Started POST "/authenticate/sign_in" for 172.25.0.1 at 2020-12-07 02:56:51 +0000
enterprisesearch_1  | [2020-12-07T02:56:51.698+00:00][1][2512][action_controller][INFO]: [d315be3b-f601-4318-b644-d542a17a9d18] Processing by SharedTogo::AuthenticateController#login as */*
enterprisesearch_1  | [2020-12-07T02:56:51.699+00:00][1][2512][action_controller][INFO]: [d315be3b-f601-4318-b644-d542a17a9d18]   Parameters: {"auth_strategy"=>"password", "user"=>{"email"=>"enterprise_search", "password"=>"[FILTERED]"}, "host"=>"localhost:3002", "protocol"=>"http"}
enterprisesearch_1  | [2020-12-07T02:56:51.703+00:00][1][2512][action_controller][WARN]: [d315be3b-f601-4318-b644-d542a17a9d18] Can't verify CSRF token authenticity
enterprisesearch_1  | [2020-12-07T02:56:51.705+00:00][1][2512][action_controller][INFO]: [d315be3b-f601-4318-b644-d542a17a9d18] Completed 422 Unprocessable Entity in 5ms
enterprisesearch_1  | [2020-12-07T02:56:51.714+00:00][1][2512][app-server][ERROR]: [d315be3b-f601-4318-b644-d542a17a9d18] Exception: ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken
enterprisesearch_1  | /usr/share/enterprise-search/lib/war/gems/gems/actionpack-4.2.11.3/lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request': ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken)
enterprisesearch_1  |   from /usr/share/enterprise-search/lib/war/gems/gems/actionpack-4.2.11.3/lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
enterprisesearch_1  |   from /usr/share/enterprise-search/lib/war/gems/gems/devise-4.7.1/lib/devise/controllers/helpers.rb:255:in `handle_unverified_request'
enterprisesearch_1  |   from /usr/share/enterprise-search/lib/war/gems/gems/actionpack-4.2.11.3/lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'

docker-compose.yml

version: '3'
services:

  elasticsearch:
    image: $IMG_ELASTICSEARCH:$ELASTIC_VERSION
    environment:
      - bootstrap.memory_lock=true
      - discovery.type=single-node
      - "ES_JAVA_OPTS=-Xms3g -Xmx3g"
      - cluster.routing.allocation.disk.threshold_enabled=false
      - ELASTIC_PASSWORD=$ELASTIC_PASSWORD
      - xpack.security.enabled=true
      - xpack.security.authc.api_key.enabled=true
      - xpack.ml.enabled=false
    ulimits:
      memlock:
        soft: -1
        hard: -1
    ports: ["$ELASTICSEARCH_PORT:$ELASTICSEARCH_PORT"]
    networks: ['fscrawler_it']

networks:
  fscrawler_it: {}

docker-compose-enterprise-search.yml

version: '3'
services:

  enterprisesearch:
    image: $IMG_ENTERPRISE_SEARCH:$ELASTIC_VERSION
    environment:
      - "ent_search.auth.source=standard"
      - "elasticsearch.username=elastic"
      - "elasticsearch.password=$ELASTIC_PASSWORD"
      - "elasticsearch.host=http://elasticsearch:9200"
      - "allow_es_settings_modification=true"
      - "secret_management.encryption_keys=[XYZ]"
      - "ENT_SEARCH_DEFAULT_PASSWORD=$ELASTIC_PASSWORD"
    ports: ["$ENTERPRISE_SEARCH_PORT:$ENTERPRISE_SEARCH_PORT"]
    networks: ['fscrawler_it']
    links: ['elasticsearch']
    depends_on: ['elasticsearch']
    restart: always

networks:
  fscrawler_it: {}

.env

# Elastic Stack settings
ELASTIC_VERSION=7.10.0
ELASTIC_PASSWORD=changeme

# Elasticsearch settings
IMG_ELASTICSEARCH=docker.elastic.co/elasticsearch/elasticsearch
ELASTICSEARCH_PORT=9200

# Enterprise Search settings
IMG_ENTERPRISE_SEARCH=docker.elastic.co/enterprise-search/enterprise-search
ENTERPRISE_SEARCH_PORT=3002
5

How are you connecting to the running instance? I see the IP 172.25.0.1 in there. Enterprise Search is running on your localhost. Are you visiting http://localhost:3002 in order to log in?

Do you have the latest docker images? Does it help to run docker-compose pull?

6

Hi,

I am visiting http://localhost:3002 , and I have run docker-compose pull to make sure I am running the latest docker images.
I even tried changing version to 7.9.3 to see if a different version would be any different, but no.
Same result and same error messages.

I am running docker desktop on windows, would that make a difference?

7

I just asked a colleague, who had an excellent idea. Maybe your browser is storing an old session cookie for the last instance you had running. Could you try and clear the _st_togo_session cookie in your browser and see if that helps?

8

FWIW, I tried reproducing with a simplified docker-compose setup and could not:

---
version: '3'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.0
    environment:
      - "discovery.type=single-node"
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - "xpack.security.enabled=true"
      - "xpack.security.authc.api_key.enabled=true"
      - "ELASTIC_PASSWORD=changeme"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    ports:
      - 9200:9200
    
  enterprisesearch:
    image: docker.elastic.co/enterprise-search/enterprise-search:7.10.0
    depends_on:
      - "elasticsearch"
    environment:
      - "ENT_SEARCH_DEFAULT_PASSWORD=changeme"
      - "elasticsearch.username=elastic"
      - "elasticsearch.password=changeme"
      - "elasticsearch.host=http://elasticsearch:9200"
      - "allow_es_settings_modification=true"
      - "secret_management.encryption_keys=[4a2cd3f81d39bf28738c10db0ca782095ffac07279561809eecc722e0c20eb09]"
      - "JAVA_OPTS=-Xms2g -Xmx2g"
    ports:
      - 3002:3002

Using the above, I was able to log in successfully with enterprise_search / changeme.

9

Clearing the _st_togo_session cookie did the trick.

So I am now able successfully login.

2 Likes
10 

Hello,

I'm in the same situation. I can't log in with any user. I have tried to delete cookies but without success.

With the user enterprise_search I can log into ElasticSearch.

I have tried multiple versions of Enterprise Search without success. I've tried mapping the enterprise-search.yml file inside the volumes section, but it doesn't recognize it.

Any ideas?
11

Are you using a docker compose file as above?

12

Hello Georgina,

My docker.compose is

enterprise-search:
#image: docker.elastic.co/enterprise-search/enterprise-search:7.10.1
image: docker.elastic.co/enterprise-search/enterprise-search:7.9.0
container_name: enterprise-search
ports:
- 3002:3002
environment:
- ENT_SEARCH_DEFAULT_PASSWORD="4b4tj4zxnzp3bctv"
- elasticsearch.host=http://elasticsearch:9200
- elasticsearch.username="elastic"
- elasticsearch.password="Admelastic"
- allow_es_settings_modification=true
- secret_management.encryption_keys=[4a2cd3f81d39bf28738c10db0ca782095ffac07279561809eecc722e0c20eb09]
- TZ=Europe/Madrid
#volumes:
# - /opt/appdata/enterprise-search:/usr/share/enterprise-search
# - /opt/appdata/enterprise-search/config/enterprise-search.yml:/usr/share/enterprise-search/config/enterprise-search.yml

restart: on-failure