在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:elasticfence/elasticsearch-http-user-auth开源软件地址:https://github.com/elasticfence/elasticsearch-http-user-auth开源编程语言:Java 86.8%开源软件介绍:Elasticfence - Elasticsearch HTTP Basic User Auth pluginElasticsearch user authentication plugin with http basic auth and IP ACL This plugin provides user authentication APIs and a User management web console. Installationbin/plugin install https://raw.githubusercontent.com/elasticfence/elasticsearch-http-user-auth/5.1.2/jar/elasticfence-5.1.2-SNAPSHOT.zip Build with Mavenmvn package clean bin/plugin install file:///path/to/repo/jar/elasticfence-5.1.2-SNAPSHOT.zip ConfigurationEnabling/Disabling Elasticfenceelasticfence.disabled: false To disable the plugin set Root Accesselasticfence.root.password: rootpassword To set the root password on each start use Only the root user can access ES's root APIs (like /_cat, /_cluster) and all indices. Other users can access URLs under their own indices that are specified with this plugin's API. Sharding Schemeelasticfence.number_of_shards: 1 elasticfence.number_of_replicas: 3 Omit these config options to use the Elasticsearch defaults (currently 5 and 1 respectively), otherwise set them according to desired level of redundancy and cluster scheme. Basic IP ACLIPs contained in whitelist array will bypass authentication, blacklisted IPs will be blocked. All other IPs will show an authentication window. elasticfence.whitelist: ["127.0.0.1", "10.0.0.1"] elasticfence.blacklist: ["127.0.0.2", "10.0.0.99"] To block all IPs that are not in the whitelist, use the following option for elasticfence.blacklist: ["*"] Kibana 4Add index filter "/.kibana" to a your_custom_username which you created on Elasticfence and set it in kibana.yml: elasticsearch.username: your_custom_username elasticsearch.password: your_custom_password Add permissions to your kibana users using regex filters: /index.*,/_.*,/.kibana,/ Kibana 4.x Auth PluginTo facilitate users and improve security, the optional Kibana Auth plugin can be deployed alongside Elastifence:
Add username and password on HTTP requestsThe authentication method of this plugin is Basic Authentication. Therefore, you should add your username and password on URL string. For example: http://root:[email protected]:9200/ CURLcurl -u root:rootpassword http://your.elasticsearch.hostname:9200/ {
"status" : 200,
"name" : "Piranha",
"cluster_name" : "elastic1",
"version" : {
"number" : "1.7.3",
"build_hash" : "05d4530971ef0ea46d0f4fa6ee64dbc8df659682",
"build_timestamp" : "2015-10-15T09:14:17Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
"tagline" : "You Know, for Search"
} Plugins using ES's REST API also have to be set root password in their configurations. The ways of configuring Marvel and Kibana 4 are below: Marvelelasticsearch.yml: marvel.agent.exporter.es.hosts: ["root:[email protected]:9200"] User Management ConsoleUser Management APIThis plugin provides a web API to manage users and permissions. Add User:http://your.elasticsearch.hostname:9200/_httpuserauth?mode=adduser&username=admin&password=somepass Add Index Permissions:http://your.elasticsearch.hostname:9200/_httpuserauth?mode=addindex&username=admin&index=index* Update Index Permissions:http://your.elasticsearch.hostname:9200/_httpuserauth?mode=updateindex&username=admin&index=index-* Delete User:http://your.elasticsearch.hostname:9200/_httpuserauth?mode=deleteuser&username=admin List User(s):http://your.elasticsearch.hostname:9200/_httpuserauth?mode=list [{
"username":"admin",
"password":"7080bfe27990021c562398e79823h920e9a38aa5d3b10c5ff5d8c498305",
"indices":["/_*"],
"created":"2015-11-06T21:57:21+0100"
}] |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论