Unable to connect elasticsearch server 5.6.9

(Juber Sheikh) #1

I have setup elasticsearch setup with latest version 5.6.9. I have configured elasticseach-head plugin in standalone mode. For kibana authentication, we have configured readonlyrest plugin. After configuring readonlyrest plugin elasticsearch server not connected to the elasticsearch-head. I have also mention header authorization but still is not working.

elasicesearch configuration file

---------------------------------- Network -----------------------------------
Set the bind address to a specific IP (IPv4 or IPv6):
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
Set a custom port for HTTP:
http.port: 9200
For more information, consult the network module documentation.

Readonlyrest.yml :-1:


response_if_req_forbidden: Forbidden by ReadonlyREST ES plugin


- name: "::LOGSTASH::"
  # auth_key is good for testing, but replace it with `auth_key_sha1`!
  auth_key: logstash:logstash
  actions: ["cluster:monitor/main","indices:admin/types/exists","indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"]
  indices: ["logstash-*"]

# We trust Kibana's server side process, full access granted via HTTP authentication
- name: "::KIBANA-SRV::"
  auth_key: kibana:kibana
  verbosity: error
  type: allow

FORBIDDEN by default req={ ID:121019886-517551234#262, TYP:MainRequest, CGR:N/A, USR:[no basic auth header], BRS:true, KDX:null, ACT:cluster:monitor/main, OA:, DA:, IDX:<N/A>, MET:HEAD, PTH:/, CNT:<N/A>, HDR:{Content-Length=0, Content-Type=application/json, Host=, User-Agent=Faraday v0.13.1}, HIS:[::LOGSTASH::->[auth_key->false]], [::KIBANA-SRV::->[auth_key->false]] }

(Simone Scarduzio) #2

Hi @jsjuber!
You forgot to tell Kibana to use the credentials you have set up in ROR:

See the docs paragraph

(Juber Sheikh) #3

Hi @sscarduzio
I was updated kibana credentials but still is not worked. kibana authentication is working but elasticsearch server not connected to elastic-head plugin after configuring readonlyrest plugin. I am getting frustrated totally.


elasticsearch.username: "kibana"
elasticsearch.password: “kibana”

(Simone Scarduzio) #4

Unfortunately Head does not seem to support basic auth?
The only way I managed to make it work is setting up in ROR

    prompt_for_basic_auth: false
    ...other settings...

And then opening a tab in the browser towards Elasticsearch directly (port 9200), setting the password from the prompt, and then go back to Head.

(Juber Sheikh) #5

As per your suggestion, I have configured ROR below like that

prompt_for_basic_auth: false

But I have to get an error on port http://ip:9200 on browser

{“error”:{“root_cause”:[{“reason”:“Forbidden by ReadonlyREST ES plugin”}],“reason”:“Forbidden by ReadonlyREST ES plugin”},“status”:403}

(Simone Scarduzio) #6

@jsjuber you have to indent it right, at the same height with “access_control_rules”

(Juber Sheikh) #7

Below I have attached my readonlyrest yml file configuration

Still, I have to get the same error on browser

(Simone Scarduzio) #8

OK this should not happen, are you sure you restarted the instance?
If you are using ROR PRO/Enterprise, make sure you don’t have in-index settings overriding this.

You should have 401 not 403