{ "error" : "RuntimeException[java.lang.RuntimeException: Attempt from null to _all indices for indices:data/read/search and User [name=admin, roles=[admin]]]; nested: RuntimeException[Attempt from null to _all indices for indices:data/read/search and User [name=admin, roles=[admin]]]; ", "status" : 500 }
Issue2:
Configured kibana with localhost:9200, kibana is able to start but no where authentication details asked.
Configured kibana with ipaddress:9200, kibana was not able to star to only. Request Time Out Exception is coming.
I am sharing the configuration of elasticsearch.yml also
ElasticSearch.yml:
searchguard.enabled: true
searchguard.check_for_root: false
searchguard.key_path: C:/Test/searchguard_node.key
searchguard.config_index_name: searchguard
searchguard.http.enable_sessions: false
searchguard.allow_all_from_loopback: true
searchguard.authentication.authentication_backend.impl: com.floragunn.searchguard.authentication.backend.simple.SettingsBasedAuthenticationBackend
searchguard.authentication.authentication_backend.cache.enable: true
searchguard.authentication.authorizer.impl: com.floragunn.searchguard.authorization.simple.SettingsBasedAuthorizator
searchguard.authentication.authorizer.cache.enable: true
searchguard.authentication.http_authenticator.impl: com.floragunn.searchguard.authentication.http.basic.HTTPBasicAuthenticator
searchguard.authentication.settingsdb.user.admin: password
searchguard.authentication.settingsdb.user.manager: password
searchguard.authentication.authorization.settingsdb.roles.admin: ["admin"]
searchguard.authentication.authorization.settingsdb.roles.manager: ["manager"]
searchguard.flsfilter.names: ["manager"]
searchguard.flsfilter.marketig.source_excludes: ["username","email"]
searchguard.actionrequestfilter.names: ["readonly"]
searchguard.actionrequestfilter.readonly.allowed_actions: ["indices:data/read/*", "*monitor*"]
searchguard.actionrequestfilter.readonly.forbidden_actions: ["cluster:admin*", "indices:admin*", "indices:data/write*"]
Please do the needful.
Thanks,
Lakshmi.
- {
- "_index": "searchguard",
- "_type": "ac",
- "_id": "ac",
- "_version": 1,
- "found": true,
- "_source":
- {
- "acl":
- [
- {
- "__Comment__": "Default is to execute all filters",
- "filters_bypass":
- [
- ],
- "filters_execute":
- [
- "*"
- ]
- },
- {
- "__Comment__": "Any authenticated user do anything on the 'public' index - no filter will be executed",
- "indices":
- [
- "logstash-2015.06.02"
- ],
- "filters_bypass":
- [
- "*"
- ],
- "filters_execute":
- [
- ]
- },
- {
- "__Comment__": "This means any user with the role starfleet or command can do anything with the starfleetinfos index",
- "roles":
- [
- "manager",
- "command"
- ],
- "indices":
- [
- "logstash-2014.12.04"
- ],
- "filters_bypass":
- [
- "*"
- ],
- "filters_execute":
- [
- ]
- },
- {
- "__Comment__": "This means that every requestor (regardless of the requestors hostname and username) which has the root role can do anything",
- "roles":
- [
- "admin"
- ],
- "filters_bypass":
- [
- "*"
- ],
- "filters_execute":
- [
- ]
- }
- ]
- }
- }
I tried to login with credentails, Username:admin and Password:password. Which is of admin role. and Here is the acl configuration for admin.Thanks a lot.Lakshmi.