I'm running elasticsearch-5.6.3 and readonlyrest-1.16.13.-pre1_es5.6.3.zip on RHEL.
I successfully tested Basic Auth (Base64) using users and groups in elasticsearch.yml and running cURL on server shell (where the es is running).
Unfortunately the same scenario is not working for me when using SHA256.
Here is the ror settings in my es yml file:
response_if_req_forbidden: "Access denied!!!"
- name: "Accepts requests from user in group team2 on index movies"
type : allow
groups: ("team2") #square brackets are here
actions: ("cluster:monitor/main", "indices:data/read/*")
- username: tstusr3
Running curl as
curl -HGET -H 'Authorization: ***' '184.108.40.206:9200/movies/movie/1?pretty'
returns "Access denied!!!"
Log file shows:
FORBIDDEN by default ...
USR: no basic auth header...
HDR:Accept, Authorization, content-length, Host, User-Agent,
HIS: Accept requests from users in group team2 on index movies-(groups-false)
The value *** in the auth_key_sha256 has been generated by hashing the value tstusr3:tstpwd3 which actually is something like f74k.....63nm.
I couldn't figure out what is missing here.
Any advise or help will be appreciated.
Thanks in advance.