How to add authentication to elastic transport client. Are there any opensource authentication plugins for elastic search. I tried with readonlyrest and searchguard but both of them did not satisfy my requirement.
Asked
Active
Viewed 2,537 times
0
-
was are your requirements? – Search Guard Apr 29 '17 at 17:54
-
Yes i want to add authentication to transport client – Shashank Gutha May 01 '17 at 05:43
-
that of course possible with Search Guard https://floragunn.com/transport-client-authentication-authorization/ – Search Guard May 01 '17 at 08:07
1 Answers
4
To use transport level authentication with Search Guard do:
- Set up a transport client, and configure it to use a client certificate when talking to Elasticsearch
- Configure the Distinguished Name of the certificate as a Search Guard user. This user does not need any login credentials or roles since it is already identified by its certificate
- Send a Basic Authentication header with each request. This header contains the username and password and want to use for this request
- Search Guard will apply all security checks for the provided credentials, as if they would have been provided on the REST level
- This means you can implement access control based on indices and types, and also apply document- and field-level security on the transport level.
See also https://floragunn.com/transport-client-authentication-authorization/
Search Guard
- 395
- 1
- 7
-
-
Did it help? In my case the elasticsearch server always getting `No index-level perm match for User [name=_sg_internal, roles=[]]` It doesn't recognise the user name if call was made from Java – sanjeev Jul 26 '17 at 22:38