我已经用kibana设置了一个本地Elasticsearch节点并设置了
xpack.security.enabled: true
在我计划进一步添加角色并希望增加文档级安全性时,我需要这样做。
Kibana和Elastic搜索都在各自的端口上启动并运行。我正在努力了解如何添加通过控制台操作的新文档。
curl -X PUT "localhost:9200/customer/_doc/1?pretty" -H 'Content-Type: application/json' -d'
{
"name": "John Doe"
}
'
此操作失败
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/customer/_doc/1?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/customer/_doc/1?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status" : 401
}
公平,我知道我需要获得一个身份验证令牌才能传递给curl。哪个API可以检索此信息,我在哪里可以找到示例。我尝试失败了。
curl -X POST "localhost:9200/_security/oauth2/token?pretty" -H 'Content-Type: application/json' -d'
{
"grant_type" : "client_credentials"
"username" : "elastic",
"password" : "VKZjNLBVBSeLS08sHDIN"
}
'
密码是在启动节点时自动生成的。
谢谢!
答案 0 :(得分:1)
通过卷曲:
curl -X PUT --basic -u {user}:{password} http://localhost:9200/customer/_doc/1?pretty
通过程序中的http请求:
1. Make the the base64 encoding for the string: ${user}:${password}
2. Add http header
key:"Authorization"
value:"Basic ${encode value in step 1}"
通过抬头卷曲:
curl -X PUT "localhost:9200/customer/_doc/1?pretty" -H 'Authorization:Basic ********' -H 'Content-Type: application/json' -d'
{
"name": "John Doe"
}
******** is the value of base64 encoding for the string: ${user}:${password}