I have a Ruby On Rails app deployed on Heroku, Im using the ElasticSearch add-on, my elastic search clusters were working normally but recently ElasticSearch add-on required all clusters to enforce authentication to protect the data that is inside of the hosted cluster, now on every request we try to make we receive the following exception:
Tire::Search::SearchRequestFailed (401 : {"error":{"root_cause":[{"type":"security_exception","reason":"action [indices:data/read/search] requires authentication","header":{"WWW-Authenticate":"Basic realm=\\"shield\\" charset=\\"UTF-8\\""}}],"type":"security_exception","reason":"action [indices:data/read/search] requires authentication","header":{"WWW-Authenticate":"Basic realm=\\"shield\\" charset=\\"UTF-8\\""}},"status":401}):
We configured some users from the Shield plugin that comes with Elasticsearch, however Im not sure how can I enter this authentication from my ruby On Rails application, Im using Tire to integrate elastic search in my Ruby On Rails app, but I can't find were can I put this information in order to authenticate my app and solve this issue.
We would like to know how to authenticate using these two gems: ElasticSearch-rails and Tire
I recommend the use of elasticsearch-rails instead of tire (abbandoned).
With elasticsearch-rails:
gemfile
gem 'elasticsearch'
gem 'elasticsearch-model'
gem 'elasticsearch-rails'
Do the models searchable
Apply the feature extraction pattern (searchable concern) to your models.
Configure your elastic search client
for all models in an initializer ( config/initializers/elastic_search_client.rb
or whatever) with auth using common URL format
Elasticsearch::Client.new url: 'https://username:password@api.server.org:4430/search
'
or with auth using a hash
Elasticsearch::Client.new hosts: [
{ host: 'my-protected-host',
port: '443',
user: 'USERNAME',
password: 'PASSWORD',
scheme: 'https'
} ]
take a look at advanced client options for additional information.
Note: I did not test it by myself, this is the theory, maybe something is missing, check the elasticsearch-rails docs .
I hope this helps.
You can set ELASTICSEARCH_URL
environment variable to https://USER:PASSWORD@some.domain:9200
.
This works because the client initialized by the elasticsearch-rails
gem will actually be that of elastic-transport-ruby
gem, and the client of this gem will use ELASTICSEARCH_URL
environment variable, as defined in here: https://github.com/elastic/elastic-transport-ruby/blob/1dcb6c9db68dba70958e99d50e35a577d7d7f628/lib/elastic/transport/client.rb#L139-L144
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.