OAuth令牌API在弹性搜索中不起作用 [英] OAuth Token API Not Working In Elastic Search

问题描述

我是Elastic Search的新手.通过Java High Level Rest Client将我的Spring boot应用程序与Elastic搜索集成在一起，并且在设置证书和密码后通过提供以下属性来启用安全性:

I'm new to Elastic search. Integrated my Spring boot application with Elastic search through Java High Level Rest Client and I've enabled security by providing below properties after setting up the certificate and passwords:

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: "http.p12"

我也对kibana.yaml进行了必要的更改，并且可以访问它. 尝试通过Kibana进行以下调用以获取OAuth令牌:

I've done the required changes in kibana.yaml as well and I'm able to access it. Tried below call through Kibana to get the OAuth token:

   POST /_security/oauth2/token
    {
      "grant_type" : "password",
      "username" : "elastic",
      "password" : "password_for_elastic_super_user"
    }

在kibana中执行后出现以下错误:

Getting below error after executing in kibana:

{
  "error" : {
    "root_cause" : [
      {
        "type" : "security_exception",
        "reason" : "current license is non-compliant for [security tokens]",
        "license.expired.feature" : "security tokens"
      }
    ],
    "type" : "security_exception",
    "reason" : "current license is non-compliant for [security tokens]",
    "license.expired.feature" : "security tokens"
  },
  "status" : 403
}

我点击了获取许可证API 也收到以下回应:

I've hit the GET license API as well, got below response:

{
  "license" : {
    "status" : "active",
    "uid" : "62b089de-422e-41f0-88c8-9ad76b27cd62",
    "type" : "basic",
    "issue_date" : "2020-06-25T07:17:48.310Z",
    "issue_date_in_millis" : 1593069468310,
    "max_nodes" : 1000,
    "issued_to" : "elasticsearch",
    "issuer" : "elasticsearch",
    "start_date_in_millis" : -1
  }
}

任何人都可以帮助解决此问题吗?

推荐答案

您正在使用basic版本的elasticsearch，该版本不具有此安全功能(安全令牌)，并且会导致此问题，您可以参考更多内容包含在弹性订阅中的弹性堆栈安全性"部分的什么许可证中.

You are using the basic version of elasticsearch which doesn't have this security feature(security tokens) and causing this issue, you can refer more to what is included in what license under Elastic stack security section in Elastic subscription.

security tokens功能在同一订阅页面中提到的基本许可下不可用，并且在金牌级别可用.

security tokens feature is not available under the basic license as mentioned in the same subscription page and available from the gold tier.

上面在

Confirmed above from the elasticsearch x-pack source code as shown this exception is thrown while running the Integration test and this is the production java code which throws the generic exception message for current license is non-compliant for.

如果要使用security tokens功能，则必须升级到最低黄金等级.

You have to upgrade to minimum Gold tier if you want to use security tokens feature.

这篇关于OAuth令牌API在弹性搜索中不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！