Could not find required attribute 'readonlyrest'

shota · May 1, 2018, 7:51am

Hi I have ES with readonlyrest plugin, it works without ldap configuration, but when I write configuration for my active directory elasticsearch does not start and gives an error:

2018-05-01 11:45:03 Commons Daemon procrun stderr initialized
Exception in thread “main” ings.SettingsMalformedException: Could not find required attribute ‘readonlyrest’
at tech.beshu.ror.commons.settings.RawSettings.req(RawSettings.java:84)
at tech.beshu.ror.commons.settings.RawSettings.inner(RawSettings.java:191)
at tech.beshu.ror.commons.settings.BasicSettings.(BasicSettings.java:84)
…
…
…

thisis my readonlyrest.yml

readonlyrest:
enable: true
ssl:
keystore_file: “key.jks”
keystore_pass: secret2
key_pass: secret3
allowed_protocols: [TLSv1.2]

response_if_req_forbidden: Access denied!!!

access_control_rules:

- name: "CONTAINER ADMIN"
  type: allow
  auth_key: user:fdjbvhjf

- name: Accept requests from AD users
  ldap_auth:
      name: "ldap1"
      groups: ["grp1", "grp2"]
  indices: ["*"]

ldaps:

- name: ldap1
  host: "hqdc.hq.tbc"
  port: 389
  ssl_enabled: false
  ssl_trust_all_certs: true
  bind_dn: "CN=search user,OU=TechUsers,DC=ab,DC=asd"
  bind_password: "secret1"
  search_user_base_DN: "OU=Users,OU=Domain Users & Groups,DC=ab,DC=asd"
  user_id_attribute: "sAMAccountName"
  search_groups_base_DN: "OU=Groups,OU=Domain Users & Groups,DC=ab,DC=asd"
  unique_member_attribute: "member"
  connection_pool_size: 10
  connection_timeout_in_sec: 10
  request_timeout_in_sec: 10
  cache_ttl_in_sec: 60

any idea?

sscarduzio · May 1, 2018, 3:53pm

Hello @shota!

I just fixed this. What ES version do you use?

shota · May 3, 2018, 7:00am

Hello
I use 6.2.2 version of ES
thank you for reply

sscarduzio · May 3, 2018, 8:57am

OK in that version you should not have the issue I fixed. That makes me think that above that error(s) there will be something about the YAML syntax.

Look at the very beginning, as there will be a long chain of errors due to the multiple attempts.

danielmotaleite · May 14, 2018, 6:55pm

also try to run yamllint against the file, it will report errors in the yaml. You can ignore the errors about long lines, as ROR do work fine with those.