I have implemented serchguard 1.7.3 with Elastic Search 1.7.0.
All is working fine and users are prompted for passwords.
However when a readonly user runs:
curl -u searchUser -XGET
‘http://:9200/_nodes/?pretty’
and provides the correct password, all info is displayed including all users and all passwords from yml file.
following are the settings for users in yml file:
"db_ro_filter" : {
"forbidden_actions" : [ "cluster:admin*", "indices:admin*", "indices:data/write/*" ],
"allowed_actions" : [ "indices:data/read/*", "indices:monitor*", "cluster:monitor/nodes/info*", "cluster:monitor/health*" ]
}
},
"transport_auth" : {
"enabled" : "true"
}
Can anyone help me to identify what settings I need to specify so only admin user can see details about all users/passwords configured.
Thank you,
Eva
Please note that we do not maintain Search Guard 1.x actively an more, and we recommend to upgrade to ES 2.x and SG 2:
https://github.com/floragunncom/search-guard-attic/wiki
Thanks,
Jochen
···
Am Dienstag, 14. Juni 2016 22:42:06 UTC+2 schrieb Eva Migacz:
I have implemented serchguard 1.7.3 with Elastic Search 1.7.0.
All is working fine and users are prompted for passwords.
However when a readonly user runs:
curl -u searchUser -XGET
‘http://:9200/_nodes/?pretty’
and provides the correct password, all info is displayed including all users and all passwords from yml file.
following are the settings for users in yml file:
"db_ro_filter" : {
"forbidden_actions" : [ "cluster:admin*", "indices:admin*", "indices:data/write/*" ],
"allowed_actions" : [ "indices:data/read/*", "indices:monitor*", "cluster:monitor/nodes/info*", "cluster:monitor/health*" ]
}
},
"transport_auth" : {
"enabled" : "true"
}
Can anyone help me to identify what settings I need to specify so only admin user can see details about all users/passwords configured.
Thank you,
Eva