2015-07-15 13:02:11 -04:00
|
|
|
=== Using Elasticsearch HTTP/REST Clients with Shield
|
2015-07-13 06:31:34 -04:00
|
|
|
|
|
|
|
Elasticsearch works with standard HTTP http://en.wikipedia.org/wiki/Basic_access_authentication[basic authentication]
|
|
|
|
headers to identify the requester. Since Elasticsearch is stateless, this header must be sent with every request:
|
|
|
|
|
|
|
|
[source,shell]
|
|
|
|
--------------------------------------------------
|
|
|
|
Authorization: Basic <TOKEN> <1>
|
|
|
|
--------------------------------------------------
|
|
|
|
<1> The `<TOKEN>` is computed as `base64(USERNAME:PASSWORD)`
|
|
|
|
|
2015-07-15 13:02:11 -04:00
|
|
|
[float]
|
2015-07-13 06:31:34 -04:00
|
|
|
==== Client examples
|
|
|
|
|
|
|
|
This example uses `curl` without basic auth to create an index:
|
|
|
|
|
|
|
|
[source,shell]
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
curl -XPUT 'localhost:9200/idx'
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
[source,json]
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
{
|
|
|
|
"error": "AuthenticationException[Missing authentication token]",
|
|
|
|
"status": 401
|
|
|
|
}
|
|
|
|
-------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
Since no user is associated with the request above, an authentication error is returned. Now we'll use `curl` with
|
|
|
|
basic auth to create an index as the `rdeniro` user:
|
|
|
|
|
|
|
|
[source,shell]
|
|
|
|
---------------------------------------------------------
|
|
|
|
curl --user rdeniro:taxidriver -XPUT 'localhost:9200/idx'
|
|
|
|
---------------------------------------------------------
|
|
|
|
|
|
|
|
[source,json]
|
|
|
|
---------------------------------------------------------
|
|
|
|
{
|
|
|
|
"acknowledged": true
|
|
|
|
}
|
|
|
|
---------------------------------------------------------
|
|
|
|
|
2015-07-15 13:02:11 -04:00
|
|
|
[float]
|
2015-07-13 06:31:34 -04:00
|
|
|
==== Client Libraries over HTTP
|
|
|
|
|
|
|
|
For more information about how to use Shield with the language specific clients please refer to
|
|
|
|
https://github.com/elasticsearch/elasticsearch-ruby/tree/master/elasticsearch-transport#authentication[Ruby],
|
|
|
|
http://elasticsearch-py.readthedocs.org/en/master/#ssl-and-authentication[Python],
|
|
|
|
https://metacpan.org/pod/Search::Elasticsearch::Role::Cxn::HTTP#CONFIGURATION[Perl],
|
|
|
|
http://www.elastic.co/guide/en/elasticsearch/client/php-api/current/_security.html[PHP],
|
|
|
|
http://nest.azurewebsites.net/elasticsearch-net/security.html[.NET],
|
|
|
|
http://www.elastic.co/guide/en/elasticsearch/client/javascript-api/current/auth-reference.html[Javascript]
|
|
|
|
|
|
|
|
////
|
|
|
|
Groovy - TODO link
|
|
|
|
////
|