Hello,
I’m trying to POST on _bulk on an index from another page but it doesn’t ask for credentials and i get a “401 Unauthorized” response.
Here is my page code for sending the request :
url = "https://my.server:9209/my-index/_bulk";
req1.open("POST", url,false);
req1.setRequestHeader("Access-Control-Allow-Origin","*");
req1.setRequestHeader("Content-Type","application/x-ndjson");
req1.setRequestHeader("X-Requested-With","XMLHttpRequest");
req1.send(objtopost);
And my opensearch.yml configuration :
# WARNING: revise all the lines below before you go into production
# https://opensearch.org/docs/latest/security-plugin/configuration/tls/
plugins.security.disabled: false
# TRANSPORT LAYER TLS
plugins.security.ssl.transport.pemcert_filepath: ./node-cert.pem
plugins.security.ssl.transport.pemkey_filepath: ./node-key.pem
# plugins.security.ssl.transport.pemkey_password: NO PASSWORD FOR KEY
plugins.security.ssl.transport.pemtrustedcas_filepath: ./node-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: true
# REST LAYER TLS
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: ./node-cert.pem
plugins.security.ssl.http.pemkey_filepath: ./node-key.pem
#plugins.security.ssl.http.pemkey_password: NO PASSWORD FOR KEY
plugins.security.ssl.http.pemtrustedcas_filepath: ./node-ca.pem
plugins.security.allow_unsafe_democertificates: false
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn:
- [...]
plugins.security.nodes_dn:
- [...]
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
node.max_local_storage_nodes: 3
######## End OpenSearch Security Demo Configuration ########
# For FSCrwaler https://forum.opensearch.org/t/alternative-to-fscrawler-in-opensearch/7157/7
compatibility.override_main_response_version: true
## Enabling CORS
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "access-control-allow-origin,X-Requested-With,X-Auth-Token,Content-Type,Content-Length,X-User,Authorization"
http.cors.allow-credentials: true
PS : When I was using ElasticSearch this was working fine but it looks like the configuration with OpenSearch must be different
Any ideas ? Tell me if I forgot anything
Thanks !