Elasticsearch-setup-passwords fails with JsonParseException - Elasticsearch

link管理

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

兴奋的地瓜 · Python - Pandas ...· 1 周前 ·

怕老婆的仙人球 · 一加7 Pro ...· 1 周前 ·

聪明的椅子 · HTML5 canvas ...· 4 月前 ·

憨厚的长颈鹿 · 2023济宁实验高中高考最高分 - 抖音· 1 年前 ·

聪明伶俐的大象 · 350. 两个数组的交集2（Python） ...· 1 年前 ·

i would like to enable security in my cluster with elasticsearch 7.1.1.
If i execute "elasticsearch-setup-passwords auto" for generating passwords for the built-in users i get the following error:

/usr/share/elasticsearch/bin# ./elasticsearch-setup-passwords auto
Exception in thread "main" ElasticsearchParseException[Failed to parse content to map]; nested: JsonParseException[Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null')
 at [Source: java.io.StringReader@241e8ea6; line: 1, column: 2]];
        at org.elasticsearch.common.xcontent.XContentHelper.convertToMap(XContentHelper.java:131)
        at org.elasticsearch.xpack.security.authc.esnative.tool.HttpResponse$HttpResponseBuilder.withResponseBody(HttpResponse.java:55)
        at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$SetupCommand.responseBuilder(SetupPasswordTool.java:538)
        at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$SetupCommand.lambda$checkElasticKeystorePasswordValid$1(SetupPasswordTool.java:300)
        at org.elasticsearch.xpack.security.authc.esnative.tool.CommandLineHttpClient.execute(CommandLineHttpClient.java:126)
        at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$SetupCommand.checkElasticKeystorePasswordValid(SetupPasswordTool.java:299)
        at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool$AutoSetup.execute(SetupPasswordTool.java:129)
        at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
        at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
        at org.elasticsearch.cli.Command.main(Command.java:90)
        at org.elasticsearch.xpack.security.authc.esnative.tool.SetupPasswordTool.main(SetupPasswordTool.java:107)
Caused by: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null')
 at [Source: java.io.StringReader@241e8ea6; line: 1, column: 2]
        at com.fasterxml.jackson.core.JsonParser._constructError(JsonParser.java:1702)
        at com.fasterxml.jackson.core.base.ParserMinimalBase._reportError(ParserMinimalBase.java:558)
        at com.fasterxml.jackson.core.base.ParserMinimalBase._reportUnexpectedChar(ParserMinimalBase.java:456)
        at com.fasterxml.jackson.core.json.ReaderBasedJsonParser._handleOddValue(ReaderBasedJsonParser.java:1906)
        at com.fasterxml.jackson.core.json.ReaderBasedJsonParser.nextToken(ReaderBasedJsonParser.java:749)
        at org.elasticsearch.common.xcontent.json.JsonXContentParser.nextToken(JsonXContentParser.java:52)
        at org.elasticsearch.common.xcontent.support.AbstractXContentParser.readMap(AbstractXContentParser.java:336)
        at org.elasticsearch.common.xcontent.support.AbstractXContentParser.readMap(AbstractXContentParser.java:309)
        at org.elasticsearch.common.xcontent.support.AbstractXContentParser.map(AbstractXContentParser.java:264)
        at org.elasticsearch.common.xcontent.XContentHelper.convertToMap(XContentHelper.java:129)
        ... 12 more
Can someone support here please.
Chris
              
I'd assume the rest request is not returning JSON, which would be rather odd. Trying hitting the endpoint directly with curl to see what the real response is, I'd assume it is not from elasticsearch.
You can use something like this:
curl -v -X POST "localhost:9200/_security/user/elastic/_password" -H 'Content-Type: application/json' -d'{"password" : "s3cr3t"}'
https://www.elastic.co/guide/en/elasticsearch/reference/7.1/security-api-change-password.html#_examples_80
thanks for your response.

I could change the passwords manually via curl.

But still wondering why the script doesn´t work.
Chris

              
One usually runs elasticsearch-setup-passwords in order to initially set the password for the internal users  (elastic being one of them ) . I'm curious as to how changed the password of the elastic user when there was no user you could use to authenticate as.
Other than that, I think @jpcarey was spot on in his assumption.
 jpcarey:
Trying hitting the endpoint directly with curl to see what the real response is, I'd assume it is not from elasticsearch.
Is there any proxy in your environment ?
Keep in mind that elasticsearch-setup-passwords is using the configuration from elasticsearch.yml to determine where to send the requests to set the passwords so incorrect values for http.publish_host or network.publish_host would also affect the tool's ability to set the passwords.
Can you share some more details, like what does your configuration looks like, and how did you change the password via curl ( the exact command )  ?
      Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S.
      and in other countries
      Trademarks
      Terms
      Privacy
    Brand
      Code of Conduct
    Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
    logo are trademarks of the
    Apache Software Foundation
    in the United States and/or other countries.