Can you try to switch off client.transport.sniff, this might trigger another authority rule. I am not sure, but it is worth a try.
On Tue, Mar 10, 2015 at 5:30 AM, Zsolt Bákonyi <[email protected]> wrote: > Dear Jettro. > > Can you help me, how could you do it? > I try to comminicate to Elasticsearch with Shield plugin. This is done > when I make CURL requests. > Without shield plugin my JAVA code ( Client is same as yours ) works > well. But after install Shield, and put Shield into maven depencies in my > application: > > <dependency> > <groupId>org.elasticsearch</groupId> > <artifactId>elasticsearch-shield</artifactId> > <version>1.0.1</version> > </dependency> > > I got strange error, without creating any change in my code: > > 12:53:23,746 INFO [org.elasticsearch.plugins] (default task-1) [Honey > Lemon] loaded [shield], sites [] > 12:53:23,987 INFO [org.elasticsearch.transport] (default task-1) [Honey > Lemon] Using > [org.elasticsearch.shield.transport.ShieldClientTransportService] as > transport service, overridden by [shield] > 12:53:23,987 INFO [org.elasticsearch.transport] (default task-1) [Honey > Lemon] Using > [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as > transport, overridden by [shield] > 12:53:24,232 ERROR [org.jboss.as.ejb3.invocation] (default task-1) > JBAS014134: EJB Invocation failed on component ElasticSearch for method > public org.elasticsearch.client.Client > net.***.***.search.ElasticSearch.AuthElasticSearch(java.lang.String,java.lang.String): > javax.ejb.EJBException: org.elasticsearch.common.inject.CreationException: > Guice creation errors: > > > > 1) A binding to org.elasticsearch.shield.transport.filter.IPFilter was > already configured at _unknown_. > > at _unknown_ > > > > 2) A binding to org.elasticsearch.shield.transport.ClientTransportFilter > was already configured at _unknown_. > > at _unknown_ > > > > 3) A binding to org.elasticsearch.shield.ssl.SSLService was already > configured at _unknown_. > > at _unknown_ > > > > 3 errors > > > > My code: > > @SuppressWarnings("resource") > public Client AuthElasticSearch(String user, String pass) { > > Settings settings = ImmutableSettings.settingsBuilder().put("cluster.name", > "****").put("client.transport.sniff", true) > .put("shield.user", user + ":" + pass).build(); > Client client = new TransportClient(settings).addTransportAddress(new > InetSocketTransportAddress("localhost", 9300)); > > return client; > > } > > Both ES versions in Ubuntu and app are 1.4.4 > Both SHIELD versions are 1.0.1 > > java version "1.8.0_40" > Java(TM) SE Runtime Environment (build 1.8.0_40-b25) > Java HotSpot(TM) 64-Bit Server VM (build 25.40-b25, mixed mode) > > Thank you. > > 2015. január 29., csütörtök 0:46:53 UTC+1 időpontban Jettro Coenradie a > következőt írta: > >> Never mind, misread the documentation. It seems a node info request is >> done first, therefore you need to provide the username password in the >> client. Than if you want to, you can change the username password for each >> request that you do. >> >> It works now. >> >> Op woensdag 28 januari 2015 22:12:31 UTC+1 schreef Jettro Coenradie: >>> >>> Hi, >>> trying to get Shield working with a java client. When setting the header >>> token on the client, there is no problem. But when I try to use the header >>> of a request there is no succes. I am trying this code, which is almost a >>> copy of the sample code in the documentation. It does not work, if I >>> uncomment the line with shield.user, it does work: Any clues on what I >>> should do are appreciated. >>> >>> package nl.gridshore.dwes.elastic; >>> >>> import org.elasticsearch.action.count.CountResponse; >>> import org.elasticsearch.action.search.SearchResponse; >>> import org.elasticsearch.client.Client; >>> import org.elasticsearch.client.transport.TransportClient; >>> import org.elasticsearch.common.settings.ImmutableSettings; >>> import org.elasticsearch.common.settings.Settings; >>> import org.elasticsearch.common.transport.InetSocketTransportAddress; >>> import org.elasticsearch.common.transport.TransportAddress; >>> import org.elasticsearch.shield.authc.support.SecuredString; >>> >>> import java.util.ArrayList; >>> import java.util.List; >>> >>> import static java.util.stream.Collectors.toList; >>> import static org.elasticsearch.shield.authc.support. >>> UsernamePasswordToken.basicAuthHeaderValue; >>> >>> public class SecureElastic { >>> public static void main(String[] args) { >>> Settings settings = ImmutableSettings.settingsBuilder() >>> .put("cluster.name", "jc-play") >>> // .put("shield.user", "jettro:nopiforme") >>> .build(); >>> >>> Client client = new TransportClient(settings) >>> .addTransportAddress(new InetSocketTransportAddress(" >>> localhost",9300)); >>> >>> String token = basicAuthHeaderValue("jettro", new >>> SecuredString("nopiforme".toCharArray())); >>> >>> SearchResponse searchResponse = client.prepareSearch(" >>> gridshore").putHeader("Authorization", token).get(); >>> long totalHits = searchResponse.getHits().totalHits(); >>> >>> System.out.println(totalHits); >>> } >>> } >>> >>> >>> The exception: >>> Caused by: org.elasticsearch.shield.authc.AuthenticationException: >>> missing authentication token for action [cluster:monitor/nodes/info] >>> >>> -- > You received this message because you are subscribed to a topic in the > Google Groups "elasticsearch" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/elasticsearch/WcD4Ej9cMbA/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/elasticsearch/860e98d4-63a3-4bd7-816b-095405e799a4%40googlegroups.com > <https://groups.google.com/d/msgid/elasticsearch/860e98d4-63a3-4bd7-816b-095405e799a4%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Jettro Coenradie http://www.gridshore.nl -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CABB4caOxpt%3DRkRqGq%2BS_qbhhCqMC6ZhyPFtEbA9C3UZPxN-52A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
