You enable the Elasticsearch security features and then create passwords for built-in users.
Elastic Search开启用户认证,包括增加安全配置项【xpack.security.enabled: true】、给内置用户设置密码【elasticsearch-setup-passwords interactive】等,最后使用浏览器等验证效果。
文件:安装路径 / config / elasticsearch.yml
二、内置用户设置密码xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
三、重启服务./bin/elasticsearch-setup-passwords interactive
重启参数:-d
四、查看效果 4.1、浏览器nohup bin/elasticsearch -d &
选择认证方式,填入用户密码:Authorization ——》Type——》Basic Auth
def get_all_index():
import requests
from requests.auth import HTTPBasicAuth
url = 'http://192.168.0.149:9200/_cat/indices?format=json'
res = requests.get(url, auth=HTTPBasicAuth('elastic', 'elastic'))
if res:
print(res.json())
else:
print(res.status_code, res.content)
五、官网摘抄
The Elastic Stack authenticates users by identifying the users behind the requests that hit the cluster and verifying that they are who they claim to be. The authentication process is handled by one or more authentication services called realms. A realm is used to resolve and authenticate users based on authentication tokens.
The Elastic Stack security features provide built-in realms such as native,ldap, active_directory, pki, file, saml, and oidc. If none of the built-in realms meet your needs, you can also build your own custom realm and plug it into the Elastic Stack.
The security features provide two services: the token service and the api key service.
官网:User authentication | Elasticsearch Guide [7.15] | Elastic
