Adding user password authentication to Elasticsearch 6.2.4

Before version 6.3, adding authentication to Elasticsearch requires installing the X-Pack plugin; from 6.3 onward this appears to have been removed.

1. Install X-Pack

First switch to the elastic user, then run the following commands:

$ cd /data/elasticsearch-6.2.4   # enter the Elasticsearch installation directory
$ ./bin/elasticsearch-plugin install x-pack

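2. Set the passwords:

$ cd /data/elasticsearch-6.2.4/bin/x-pack
$ ./setup-passwords interactive

This sets a login password for Elasticsearch, Logstash and Kibana in turn (by default the Elasticsearch username is elastic, the Logstash username is logstash_system, and the Kibana username is kibana).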

3. Edit the Elasticsearch configuration file

$ vim /data/elasticsearch-6.2.4/config/elasticsearch.yml   # add the following three lines
http.cors.enabled: true
http.cors.allow-origin: '*'
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type

After changing the configuration, restart the Elasticsearch service.

4. Test

[elastic@data-backup elasticsearch-6.2.4]$ curl http://10.163.19.231:9600   # access without a password returns an error
{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication token for REST request [/]","header": {"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication token for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}

[elastic@data-backup elasticsearch-6.2.4]$ curl http://10.163.19.231:9600 -u elastic:elastic123   # access with the newly set username and password returns data normally (elastic: username, elastic123: password)
{
  "name" : "eR3qSni",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "pQbnNW7jRgmzbqvW7n2I5Q",
  "version" : {
    "number" : "6.2.4",
    "build_hash" : "ccec39f",
    "build_date" : "2018-04-12T20:37:28.497551Z",
    "build_snapshot" : false,
    "lucene_version" : "7.2.1",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

5. Add a custom role:

The endpoint for adding a role is: POST /_xpack/security/role/

The following adds a super-administrator role as an example:

[elastic@data-backup elasticsearch-6.2.4]$ curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://10.163.19.231:9600/_xpack/security/role/admin?pretty' -d '{
"run_as":["elastic"],
"cluster":["all"],
"indices":[
 {
  "names":["*"],
  "privileges":["all"]
 }
]
}'

{
 "role" : {
 "created" : true
 }
}

[elastic@data-backup elasticsearch-6.2.4]$ curl -XGET -H 'Content-type: application/json' -u elastic:elastic123 'http://10.163.19.231:9600/_xpack/security/role/admin?pretty'
{
  "admin" : {
  "cluster" : [
   "all"
  ],
  "indices" : [
   {
     "names" : [
      "*"
     ],
     "privileges" : [
      "all"
     ]
    }
   ],
   "run_as" : [
    "elastic"
   ],
   "metadata" : { },
   "transient_metadata" : {
    "enabled" : true
  }
 }
}

6. Add a custom user:

The endpoint for adding a user is: POST /_xpack/security/user/

The following adds a test user and assigns it to the admin role as an example:

Note: it is best to avoid characters such as "$" and "!" in user passwords, because they may cause password authentication to fail; the other characters I tested have caused no problems so far (I don't know the exact reason, but I have hit this pitfall).

[elastic@data-backup elasticsearch-6.2.4]$ curl -XGET -H 'Content-type: application/json' -u test:Test123654% 'http://10.163.19.231:9600/_cat/indices?pretty'
green  open .monitoring-es-6-2019.09.17   J1K2XG1eTXqw0GHSOH5Gwg 1 0     848    104 846.9kb 846.9kb
green  open .watches                      qHj5owowRC-3DeK8DaLD-g 1 0       6      0  47.8kb  47.8kb
green  open .triggered_watches            2pm3BwCnTaKgyzl39eFpUw 1 0       0      0   5.1kb   5.1kb
yellow open monitor                       yFnfztziSguTq9VsfSANpw 5 1      48      0 226.7kb 226.7kb
green  open .watcher-history-7-2019.09.17 uz6RA_8vRraHHLAitWKtAw 1 0      74      0 259.8kb 259.8kb
green  open .monitoring-alerts-6          ZPTqnNVOQ5GlUK1ncXNQDQ 1 0       2      0  18.1kb  18.1kb
yellow open track                         AqSGAZnAQE2NGvZXlp9zcw 5 1 1343729 175384   201mb   201mb
green  open .security-6                   83fAslPbQDSGbGWfhiMAXA 1 0
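The shell, rather than Elasticsearch, is a common reason a password containing "$" or "!" fails when passed to curl: unquoted or inside double quotes, "$name" is expanded, and in an interactive bash "!" triggers history expansion, both before curl runs. The following is an added example, not part of the original post, showing the mangling and one way to hand credentials to curl through a config read from stdin. Assumptions: the sample password, the helper names, and that shell expansion is what caused the failures described in the note above.

```bash
# Added example (not from the original post). The password is a constructed sample.

# What curl receives from  -u "test:S3cr$et!9"  (double quotes): the shell
# replaces $et (an unset variable) with nothing before curl starts.
# Pasted into an interactive bash, !9 would also be history-expanded.
as_double_quoted() {
  unset et
  printf '%s' "test:S3cr$et!9"
}

# Single quotes pass every character through unchanged.
as_single_quoted() {
  printf '%s' 'test:S3cr$et!9'
}

# Emit a curl config line equivalent to -u. Inside a quoted config value
# curl treats backslash as an escape character, so \ and " are escaped.
# Hypothetical helper: $1 = user name, $2 = password.
curl_user_config() {
  esc=$(printf '%s' "$1:$2" | sed 's/\\/\\\\/g; s/"/\\"/g')
  printf 'user = "%s"\n' "$esc"
}

printf 'double quotes -> %s\n' "$(as_double_quoted)"
printf 'single quotes -> %s\n' "$(as_single_quoted)"
curl_user_config test 'S3cr$et!9'

# Usage against the cluster from this page (not run here); the password
# does not appear in curl's argument list or in `ps` output:
#   curl_user_config test "$PASSWORD" | curl -K - 'http://10.163.19.231:9600/_cat/indices?pretty'
```

If a password with these characters was set through a double-quoted or unquoted command, the stored password is the mangled string, so later logins with the intended password return 401.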

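Partial screenshots of the password-character tests (the password change used here is explained below):

7. Change a user's password:

Changing a password requires super-administrator privileges, i.e. the elastic user. The endpoint is: POST /_xpack/security/user/<username whose password is being changed>/_password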

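The curl options have the following meanings:

-XPOST sends the request using the POST method

-H specifies HTTP header information

-u specifies the user credentials used for authentication, with the username and password separated by a colon

-d specifies the data to send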

For example, to change the password of the martin user to dxm1234%:
[elastic@data-backup elasticsearch-6.2.4]$ curl -XPOST -H 'Content-type: application/json' -u elastic:elastic123 'http://10.163.19.231:9600/_xpack/security/user/martin/_password?pretty' -d '{"password": "dxm1234%"}'

If access works normally after the change, the password change succeeded; otherwise a 401 error may be returned.
