hello
I have installed elasticsearch + kibana 5.4.3
with readonlyrest readonlyrest-1.16.6_es5.4.3
in elasticsearch.yml configured:
readonlyrest:
prompt_for_basic_auth: true
access_control_rules:
- name: "::KIBANA-SRV::"
type: allow
auth_key: kibana_user:kibana_password
indices: [".kibana"]
- name: "Accept requests from users in group group1 on all indexes"
ldap_auth:
name: "ldap"
groups: ["group1"]
indices: ["*"]
type: allow
ldaps:
- name: ldap
host: ldaps_ip
port: 636
bind_dn: "cn=cn_name,ou=ou_Users,dc=mydomain,dc=co,dc=il"
bind_password: "password"
search_user_base_DN: "DC=mydomain,DC=co,DC=il"
search_groups_base_DN: "DC=mydomain,DC=co,DC=il"
ssl_enabled: true
ssl_trust_all_certs: true
user_id_attribute: "uid"
unique_member_attribute: "uid"
In the log I see:
[INFO ][o.e.p.r.e.IndexLevelActionFilter] [] forbidden request: { ID:, TYP:GetRequest, USR:, BRS:false, ACT:indices:data/read/get, OA:, IDX:.kibana, MET:GET, PTH:/.kibana/config/5.4.3, CNT:<OMITTED, LENGTH=0>, HDR:authorization,Connection,Content-Length,Host, HIS:[::KIBANA-SRV::->[auth_key->false]], [Accept requests from users in group DBA on all indexes->[ldap_authorization->false]] } Reason: null (null)
In the _access.log:
[INFO ][org.elasticsearch.plugin.readonlyrest.acl.ACL] ^[[31m no block has matched, forbidding by default: { ID:, TYP:GetRequest, USR:, BRS:false, ACT:indices:data/read/get, OA:, IDX:.kibana, MET:GET, PTH:/.kibana/config/5.4.3, CNT:<OMITTED, LENGTH=0>, HDR:authorization,Connection,Content-Length,Host, HIS:[::KIBANA-SRV::->[auth_key->false]], [Accept requests from users in group on all indexes->[ldap_authorization->false]] }^[[0m
The kibana server dont have access to the domain so I can’t configure the hostname only the IP of the host, maybe this is the problem?