stackoom
  简体   繁体   中英

Ruby On Rails: ElasticSearch authentication (Tire and ElasticSearch-rails)

 原文  2018-04-12 20:17:01       ruby-on-rails/ ruby-on-rails-4/ elasticsearch/ tire

Question

I have a Ruby On Rails app deployed on Heroku, Im using the ElasticSearch add-on, my elastic search clusters were working normally but recently ElasticSearch add-on required all clusters to enforce authentication to protect the data that is inside of the hosted cluster, now on every request we try to make we receive the following exception:

Tire::Search::SearchRequestFailed (401 : {"error":{"root_cause":[{"type":"security_exception","reason":"action [indices:data/read/search] requires authentication","header":{"WWW-Authenticate":"Basic realm=\\"shield\\" charset=\\"UTF-8\\""}}],"type":"security_exception","reason":"action [indices:data/read/search] requires authentication","header":{"WWW-Authenticate":"Basic realm=\\"shield\\" charset=\\"UTF-8\\""}},"status":401}):

We configured some users from the Shield plugin that comes with Elasticsearch, however Im not sure how can I enter this authentication from my ruby On Rails application, Im using Tire to integrate elastic search in my Ruby On Rails app, but I can't find were can I put this information in order to authenticate my app and solve this issue.

We would like to know how to authenticate using these two gems: ElasticSearch-rails and Tire

2 answers

solution1
 4 ACCPTED  2018-04-19 19:43:16

I recommend the use of elasticsearch-rails instead of tire (abbandoned).

With elasticsearch-rails:

gemfile 

gem 'elasticsearch'
gem 'elasticsearch-model'
gem 'elasticsearch-rails'

Do the models searchable

Apply the feature extraction pattern (searchable concern) to your models.

Configure your elastic search client

for all models in an initializer ( config/initializers/elastic_search_client.rb or whatever) with auth using common URL format

Elasticsearch::Client.new url: 'https://username:password@api.server.org:4430/search '

or with auth using a hash 

Elasticsearch::Client.new hosts: [
  { host: 'my-protected-host',
    port: '443',
    user: 'USERNAME',
    password: 'PASSWORD',
    scheme: 'https'
  } ]

take a look at advanced client options for additional information.

Note: I did not test it by myself, this is the theory, maybe something is missing, check the elasticsearch-rails docs .

I hope this helps.

solution2
 0  2021-12-17 10:49:53

You can set ELASTICSEARCH_URL environment variable to https://USER:PASSWORD@some.domain:9200 .

This works because the client initialized by the elasticsearch-rails gem will actually be that of elastic-transport-ruby gem, and the client of this gem will use ELASTICSEARCH_URL environment variable, as defined in here: https://github.com/elastic/elastic-transport-ruby/blob/1dcb6c9db68dba70958e99d50e35a577d7d7f628/lib/elastic/transport/client.rb#L139-L144

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question elasticsearch-rails VS (re)tire gem (Elasticsearch and Rails 3.2) Rails 4, elasticsearch-rails Ruby on rails -elasticsearch tire impoting existing db Elasticsearch-rails, highlights query Custom Analyzer elasticsearch-rails elasticsearch-rails empty results Elasticsearch-Rails & Elasticsearch 5.4: Geopoint not updating ElasticSearch / Tire with rails: no parser for element Asciifolding with Elasticsearch and Tire in Rails 4 not Working Rails 4.1.0 elasticsearch Tire association
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM