我已经成功设置了 elasticsearch x-pack 安全性。我打算使用生成的令牌来限制请求。我在此页面之后生成了令牌: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-tokens.html 并在 curl 中对其进行了测试:
curl -H "Authorization: Bearer k7vvAiCHUtrYVNNuLFPv***************EOIXQi+L7FevycU=" http://localhost:9200/plugin/database/_search?q=*:*
它运作良好。但是当我尝试在我的 node.js 控制器中使用相同的令牌(使用 elasticsearch.js)时,我不知道我应该把它放在哪里,例如在“client.index”中:
return client.index({
index: indexName,
type: typeName,
body: {
authorization: "Bearer k7vvAiCHUtrYV*****XQi+L7FevycU=",
workspace: content
}
});
它不起作用,并返回错误消息:
<- 401
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "missing authentication token for REST request [/plugin/database]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type": "security_exception",
"reason": "missing authentication token for REST request [/plugin/database]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status": 401
}
那么我应该如何在我的 node.js 请求中将这个生成的令牌传递给 elasticsearch 呢?