I’m running elasticsearch-5.6.3 and readonlyrest-1.16.13.-pre1_es5.6.3.zip on RHEL.
I successfully tested Basic Auth (Base64) using users and groups in elasticsearch.yml and running cURL on server shell (where the es is running).
Unfortunately the same scenario is not working for me when using SHA256.
Here is the ror settings in my es yml file:
readonlyrest: enable: true response_if_req_forbidden: "Access denied!!!" access_control_rules: - name: "Accepts requests from user in group team2 on index movies" type : allow groups: ("team2") #square brackets are here actions: ("cluster:monitor/main", "indices:data/read/*") indices: ("movies") users: - username: tstusr3 auth_key_sha256: *** groups: ("team2")
Running curl as
curl -HGET -H 'Authorization: ***' '184.108.40.206:9200/movies/movie/1?pretty'
returns “Access denied!!!”
Log file shows:
FORBIDDEN by default ... USR: no basic auth header... BRS:true IDX:movies HDR:Accept, Authorization, content-length, Host, User-Agent, HIS: Accept requests from users in group team2 on index movies-(groups-false)
The value *** in the auth_key_sha256 has been generated by hashing the value tstusr3:tstpwd3 which actually is something like f74k…63nm.
I couldn’t figure out what is missing here.
Any advise or help will be appreciated.
Thanks in advance.