2

I've installed Shield plugin for ES and configured users with roles. But when I try to index some data with configured user, I always received this error:

[2015-11-22 10:31:58,795][INFO ][rest.suppressed          ] /app-nginx-stats-2015-11-22/http-stats Params: {}
ElasticsearchSecurityException[unable to authenticate user [es_admin] for REST request [/app-nginx-stats-2015-11-22/http-stats]]
        at org.elasticsearch.shield.support.Exceptions.authenticationError(Exceptions.java:39)

I know about issue with @ in password so I've changed it to 123456 - doesn't help. I also executed esusers list on ES node and I see my users in the output.

So what other common mistakes could lead to "unable to authenticate user" error? Or how can I debug such issues?

4ybaka
  • 2,954
  • 4
  • 16
  • 21
  • Any luck figuring out an answer to this problem, OP? I too am getting an error like this: [2015-12-10 19:42:01,361][INFO ][rest.suppressed ] /INDEXNAME/TYPE/_bulk Params: {} ElasticsearchSecurityException[unable to authenticate user [admin] for REST request [/INDEXNAME/TYPE/_bulk]] at org.elasticsearch.shield.support.Exceptions.authenticationError(Exceptions.java:39) at org.elasticsearch.shield.authc.DefaultAuthenticationFailureHandler.unsuccessfulAuthentication(DefaultAuthenticationFailureHandler.java:35) Not much documentation for me to go by... – Brian Anderson Dec 10 '15 at 22:04
  • @BrianAnderson no,I've figured out that there are no edition of Shield for small projects and I don't want to buy subscription. So I've implemented next solution: Docker container with ES+Kibana+nginx. Public endpoints has only Nginx and all of them use ssl. ES endpoint in nginx requires client certificate for authentication. So it adds restriction to use only http protocol by clients. Kibana endpoint in nginx requires x-api-key header. To use Kibana you need any plugin for browser which will add specific header to each request. So unauthorized access is closed and it's enough for me – 4ybaka Dec 10 '15 at 22:24

0 Answers0