For many developers, they are accustomed Postman to test the REST interface. Before my article " How to install Elasticsearch on Linux, MacOS and Windows ," and I have also shown how to use Postman to visit our Elasticsearch. For Postman access Elasticsearch, the very direct. But where there is a situation, I did not show, and that is: when to start after a cluster security, how do we use the user name and password to access our Elasticsearch cluster it?
Set up security for the cluster Elasticsearch
We can follow my previous article " : elasticsearch Elastic account security settings set the user name and password." Once and set username and password, or when we use Postman kinds of language API to access Elasticsearch, we must use a user name and password to access.
In today's test, I will use the Elastic cloud to experiment. If you have not used Elastic cloud, please refer to my previous article " Elastic: Elastic 3 Fenzhong deployed in clusters on Elastic Cloud ." In the case of default, Elastic cloud is with security settings.
The Elasticsearch HTTP / REST client used in conjunction with Shield
First of all, we can refer to the Elastic official documents . As shown in the document: Elasticsearch standard HTTP basic authentication header used to identify the requestor together. Since Elasticsearch is stateless, and thus this header must be sent along with every request:
Authorization: Basic <TOKEN>Here <TOKEN> calculated as base64 (USERNAME: PASSWORD).
We are looking for an online tool to calculate base64 online https://www.base64encode.org/ . We assume that the user name is elastic, and our password is 123456.
We elastic: 123456 Enter at the click of a button ENCODE, we can find the code base64 encoded ZWxhc3RpYzoxMjM0NTY = . This will be our fill to header in the string if follows Postman request.
Use Postman access Elasticsearch
With the above method can be token base64, then I can be configured in the Postman. We open Postman:
As shown above: we fill Elasticsearch access address while the corresponding fill Basic <token> in the Authorization header portion. Once we fill out good, we click on the Send button. Here we can see the results of return.
When we ask, if there is payload under the circumstances, how to do it? We can put our payload is written to the Postman's body inside:
Once we use Postman able to complete our test API interface, we can use any language to initiate a request for Elasticsearch, and even those we do not need to consider the interface provided by the language.
reference:
