Search guard version1.7.3

I have implemented serchguard 1.7.3 with Elastic Search 1.7.0.

All is working fine and users are prompted for passwords.

However when a readonly user runs:

curl -u searchUser -XGET
‘http://:9200/_nodes/?pretty’

and provides the correct password, all info is displayed including all users and all passwords from yml file.

following are the settings for users in yml file:

        "db_ro_filter" : {
          "forbidden_actions" : [ "cluster:admin*", "indices:admin*", "indices:data/write/*" ],
          "allowed_actions" : [ "indices:data/read/*", "indices:monitor*", "cluster:monitor/nodes/info*", "cluster:monitor/health*" ]
        }
      },
      "transport_auth" : {
        "enabled" : "true"
      }

Can anyone help me to identify what settings I need to specify so only admin user can see details about all users/passwords configured.

Thank you,

Eva

Please note that we do not maintain Search Guard 1.x actively an more, and we recommend to upgrade to ES 2.x and SG 2:

Thanks,

Jochen

···

Am Dienstag, 14. Juni 2016 22:42:06 UTC+2 schrieb Eva Migacz:

I have implemented serchguard 1.7.3 with Elastic Search 1.7.0.

All is working fine and users are prompted for passwords.

However when a readonly user runs:

curl -u searchUser -XGET
‘http://:9200/_nodes/?pretty’

and provides the correct password, all info is displayed including all users and all passwords from yml file.

following are the settings for users in yml file:

        "db_ro_filter" : {
          "forbidden_actions" : [ "cluster:admin*", "indices:admin*", "indices:data/write/*" ],
          "allowed_actions" : [ "indices:data/read/*", "indices:monitor*", "cluster:monitor/nodes/info*", "cluster:monitor/health*" ]
        }
      },
      "transport_auth" : {
        "enabled" : "true"
      }

Can anyone help me to identify what settings I need to specify so only admin user can see details about all users/passwords configured.

Thank you,

Eva