Skip to content

Supporting basic authentication for Elasticsearch connector#1838

Closed
mobini-majid wants to merge 1 commit intotrinodb:masterfrom
mobini-majid:master
Closed

Supporting basic authentication for Elasticsearch connector#1838
mobini-majid wants to merge 1 commit intotrinodb:masterfrom
mobini-majid:master

Conversation

@mobini-majid
Copy link
Member

@mobini-majid mobini-majid commented Oct 23, 2019

Starting from elasticsearch 7.x.x, basic authentication using username and password is supported through its x-pack.

In this pull request, if the user set elasticsearch.security to X_PACK (instead of AWS), he's able to connect to a secured elastic search by setting elasticsearch.username and elasticsearch.password variables in catalog file.

You can bring up a secured elasticsearch like this and test it if needed.

version: '3.4'
services:
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.4.0
    environment:
      cluster.name: elasticsearch
      discovery.type: single-node
      xpack.security.enabled: 'true'
      ELASTIC_USERNAME: elastic
      ELASTIC_PASSWORD: magic-word
    ports:
      - '9200:9200'
      - '9300:9300'
    volumes:
      - ./esdata01:/path/to/elasticsearch/data

@cla-bot
Copy link

cla-bot bot commented Oct 23, 2019

Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. In order for us to review and merge your code, please submit the signed CLA to cla@prestosql.io. For more information, see https://github.com/prestosql/cla.

@martint martint self-requested a review October 23, 2019 14:45
martint
martint requested changes Oct 23, 2019
View reviewed changes
Copy link
Member

@martint martint left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for implementing this! I have a few comments about naming and how to better structure the change.

Also, please make sure to submit a signed CLA so we can merge it: https://github.com/prestosql/cla

presto-elasticsearch/src/main/java/io/prestosql/elasticsearch/ElasticsearchConfig.java

private String host;
private int port = 9200;
private String username;
Copy link
Member

@martint martint Oct 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's put these in a separate config similar to how we handle io.prestosql.elasticsearch.AwsSecurityConfig

presto-elasticsearch/src/main/java/io/prestosql/elasticsearch/client/ElasticsearchClient.java
.setMaxRetryTimeoutMillis((int) config.getMaxRetryTime().toMillis());

builder.setHttpClientConfigCallback(clientBuilder -> {
if (config.getSecurity().isPresent()) {
Copy link
Member

@martint martint Oct 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once you move the configs to a separate object similar to AwsSecurityConfig, we'll need an additional Optional<XPackSecurityConfig> argument to this method and this check will need to be adjusted.

presto-docs/src/main/sphinx/connector/elasticsearch.rst
.. _full text query: https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html#query-string-syntax


X-Pack Authentication
Copy link
Member

@martint martint Oct 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should this to "Password Authentication". X-Pack is a plugin framework for Elasticsearch. From the point of view of Presto, this is about using simple user/password scheme to authenticate with ES.

@eskabetxe eskabetxe mentioned this pull request Apr 5, 2020
Closed
@martint
Copy link
Member

martint commented Aug 14, 2020

Superseded by #4165

@martint martint closed this Aug 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martint martint martint requested changes

Assignees

@mobini-majid mobini-majid

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mobini-majid @martint