JWT auth in free version

Sure, understood, i will explain this to the customer and try to convince him to purcharse Enterprise version, because of the support and cool kibana features.

Thank you.

Hi Simone.
I am heading the Information Retrieval Solutions team for a large Insurance company and as Sinedko explained to you we are currently using the Free version.
Now we are evaluating to buy the Enterprise license but before to make the decision it will help us to have more clarity on the issue Sinedko showed you, I see that you put free version under low priority but the issue is preventing us to move forward with the evaluation of the licensed one.
In order to give you more context: we are going to have different deployment: one already in place that requires LDAP and we are fine, one in progress that requires JWT and here we have the issue.
If at the end you will find the time to give us some heads up, it will be very appreciated.

Beside that, as I said we are in the process to buy the Enterprise license, for a couple of time I submitted a request on your portal to get a quote and be in contact for further questions but none replied to us.
In that respect, I would ask you if you can contact me, based on the request I already sent you or directly getting my contact from this blog.

Thank you a lot.

Kind regards,
Paolo.

Hi Paolo, sorry about the inconvenience, turns out our contact form had an issue. Just answering this thread for completeness, as we already have an email dialogue ongoing. Let’s continue over there.

Hello just for info, this issues is also present on 1.22.1, also that _cat/indices and _cat/aliases, i just updated the version and the bug is still there. Its quite annonying, because i cannot check aliases or all indices that certain user have.

We are considering to buy license but if those issues are present we are not very keen to do it. Hope you understand us.

Hi @Sinedko. We have scheduled the _cat/indices fix for the next week.

Please check out this build, because I think _cat/aliases may be already solved:

https://readonlyrest-data.s3.amazonaws.com/build/1.23.0-pre7/readonlyrest-1.23.0-pre7_es7.7.1.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA5SJIWBO54AGBERLX/20200916/eu-west-1/s3/aws4_request&X-Amz-Date=20200916T190734Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f38abd79039f658be552e7b042b97fd4b57a699c583e1917d80b7b0e10e7c1f5

i tested it now, but no changes, the _cat/aliases still respond with blank response, but the good thing is the JWT issue is solved, elastic started without any issues with JWT block

ok, i was happy, but the issue is there again, i did only one restart of es bevause of some change in readonlyrest and it appears again, so i cannot start es again when the jwt block is present

ok, noted. As I said - next week someone’s going to look at it

@Sinedko this weekend is release time for us, we will have this bumped in priority first thing next week.
Thanks for the patience.

Hi @Sinedko, I’ve been assigned to work on your issue with JWT token. I tried to reproduce this issue with provided Dockerfile and configuration files, unfortunately without any success. readonlyrest.yml had commented out JWT TEST section, but even after uncommenting it everything worked fine for me. Because some parts were still missing, like for example env file, I had to fill these gaps with some dummy data. I thought about how can we separate other factors and at the same time work on the same configuration. Because you are already using docker I created self-sufficient docker compose bundle based on what you sent. If you aren’t familiar with docker compose and you don’t have it on your system here’s page with instructions how to install it https://docs.docker.com/compose/install/. Please run ROR from this bundle and check if it still hangs on Loading ReadonlyREST settings from file:.

Here are instructions how to run it:

  1. Download this bundle ror-dc-bundle.zip (31.1 KB). It contains everything you sent + dummy data in env file + generated certs.
  2. Extract this archive in some convenient for you directory.
  3. Copy readonlyrest-1.23.0-pre7_es7.7.1.zip into plugins directory of extracted archive. It’s the same build coutoPL mentioned above. https://readonlyrest-data.s3.amazonaws.com/build/1.23.0-pre7/readonlyrest-1.23.0-pre7_es7.7.1.zip?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA5SJIWBO54AGBERLX/20200916/eu-west-1/s3/aws4_request&X-Amz-Date=20200916T190734Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f38abd79039f658be552e7b042b97fd4b57a699c583e1917d80b7b0e10e7c1f5
  4. Open terminal and go to root directory of extracted archive, where docker-compose.yml file is located.
  5. Run docker-compose up -d. It will build image using Dockerfile and run it in the background.

You don’t have to create data and log directory, they will be created by docker compose in the same directory where docker-compose.yml file is located. Additionally your previous data and logs won’t be overwritten as this compose is configured to work and modify data only inside of directory where docker-compose.yml file is located.

After you run this bundle please check and let me know if ES still hangs on Loading ReadonlyREST settings from file:. Please also let me know if you have additional questions.