odfe-node1 | [2019-05-07T06:06:54,635][WARN ][c.a.o.s.s.h.n.OpenDistroSecuritySSLNettyHttpServerTransport] [MqGeKRk] Someone (null) speaks http plaintext instead of ssl, will close the channel
I also tried just logging into Kibana which gives me permission errors (I am logged in on admin account)
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "no permissions for [] and User [name=admin, roles=[admin], requestedTenant=__user__]"
}
],
"type": "security_exception",
"reason": "no permissions for [] and User [name=admin, roles=[admin], requestedTenant=__user__]"
},
"status": 403
}
Oh, you are right! However I still get the same permission error like I have when trying to delete directly from Kibana. Any ideas on that, or should I make a separate security post?
I can’t help you further without more description about your setup.
Can you give me your configuration files, user roles and permissions?
Not sure about a role named admin.
Find it weird that “no permissions for ” is empty, normally it tells you which rights you are lacking.
And what is that tenant “__user__” ?
“no permissions for and User [name=admin, roles=[admin], requestedTenant=user]”
Started today by following the docker install guide. I am using the sample docker-compose file so my setup is basically plain vanilla. When I go into kibana > tenants I only see Global, Private and admin_tenant so I don’t really know what “user” is about.
The kibana error I mentioned was from Dev Tools. I just want a quick way to remove all indexes during development so I don’t need to delete them one by one.
I’ve found, that individual or wildcard indexes DELETE requests works fine for all indexes from curl -X GET 'https://localhost:9201/_cat/indices?v' list except .opendistro_security one. I guess https://opendistro.github.io/for-elasticsearch-docs/docs/security/security-admin/securityadmin.sh command with -dci flag could potentially resolve this issue. One attempt to do this from inside of docker image was unsuccessfull so I decided to cleanup docker container.
When i am executing the curl request curl -XDELETE 'https://localhost:9200/*' -u admin:admin --insecure, i am getting error,
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "no permissions for [] and User [name=admin, backend_roles=[admin], requestedTenant=null]"
}
],
"type": "security_exception",
"reason": "no permissions for [] and User [name=admin, backend_roles=[admin], requestedTenant=null]"
},
"status": 403
}
Hello !
I think you are trying to delete some special indices but you are using admin account so it’s weird you are getting rejected…
Are you using the default installation settings? (certs, accounts, permissions)
Maybe you can try using the certificates instead of admin authentication.
–cert /etc/elasticsearch/kirk.pem --key /etc/elasticsearch/kirk-key.pem something like that