How to disable basic authentication

Hi,

I want to start with simple https communication with ES nodes.
I don’t want basic auth yet, I can’t find any config parameter that disables basic auth

this is set to false, https://github.com/floragunncom/search-guard/blob/master/searchguard_config_template.yml#L79

searchguard.ssl.transport.http.enforce_clientauth: false

I get then when I make a curl request

···

HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Basic realm=“Search Guard”

searchguard.authentication.http_authenticator.impl: com.floragunn.searchguard.authentication.http.HTTPUnauthenticatedAuthenticator

searchguard.authentication.authentication_backend.impl: com.floragunn.searchguard.authentication.backend.simple.AlwaysSucceedAuthenticationBackend

should help

But we will add a dedicated option for that within one of the next releases.

searchguard.ssl.transport.http.enforce_clientauth: false is about mutual ssl authentication, this should be true if you want that the browser (client) will identify itself to server. I guess for your usecase you should set it to false but its not related to you above mentioned problem. see https://en.wikipedia.org/wiki/Mutual_authentication

···

Am Samstag, 20. Juni 2015 21:38:26 UTC+2 schrieb Pradeep Reddy:

Hi,

I want to start with simple https communication with ES nodes.
I don’t want basic auth yet, I can’t find any config parameter that disables basic auth

this is set to false, https://github.com/floragunncom/search-guard/blob/master/searchguard_config_template.yml#L79

searchguard.ssl.transport.http.enforce_clientauth: false

I get then when I make a curl request

HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Basic realm=“Search Guard”