Could not find required attribute 'readonlyrest'


(Shota) #1

Hi I have ES with readonlyrest plugin, it works without ldap configuration, but when I write configuration for my active directory elasticsearch does not start and gives an error:

2018-05-01 11:45:03 Commons Daemon procrun stderr initialized
Exception in thread “main” ings.SettingsMalformedException: Could not find required attribute 'readonlyrest’
at tech.beshu.ror.commons.settings.RawSettings.req(RawSettings.java:84)
at tech.beshu.ror.commons.settings.RawSettings.inner(RawSettings.java:191)
at tech.beshu.ror.commons.settings.BasicSettings.(BasicSettings.java:84)


thisis my readonlyrest.yml

readonlyrest:
enable: true
ssl:
keystore_file: "key.jks"
keystore_pass: secret2
key_pass: secret3
allowed_protocols: [TLSv1.2]

response_if_req_forbidden: Access denied!!!

access_control_rules:

- name: "CONTAINER ADMIN"
  type: allow
  auth_key: user:fdjbvhjf

- name: Accept requests from AD users
  ldap_auth:
      name: "ldap1"
      groups: ["grp1", "grp2"]
  indices: ["*"]

ldaps:

- name: ldap1
  host: "hqdc.hq.tbc"
  port: 389
  ssl_enabled: false
  ssl_trust_all_certs: true
  bind_dn: "CN=search user,OU=TechUsers,DC=ab,DC=asd"
  bind_password: "secret1"
  search_user_base_DN: "OU=Users,OU=Domain Users & Groups,DC=ab,DC=asd"
  user_id_attribute: "sAMAccountName"
  search_groups_base_DN: "OU=Groups,OU=Domain Users & Groups,DC=ab,DC=asd"
  unique_member_attribute: "member"
  connection_pool_size: 10
  connection_timeout_in_sec: 10
  request_timeout_in_sec: 10
  cache_ttl_in_sec: 60

any idea?


(Simone Scarduzio) #2

Hello @shota!

I just fixed this. What ES version do you use?


(Shota) #3

Hello
I use 6.2.2 version of ES
thank you for reply


(Simone Scarduzio) #4

OK in that version you should not have the issue I fixed. That makes me think that above that error(s) there will be something about the YAML syntax.

Look at the very beginning, as there will be a long chain of errors due to the multiple attempts.


(Daniel Mota Leite) #5

also try to run yamllint against the file, it will report errors in the yaml. You can ignore the errors about long lines, as ROR do work fine with those.