Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Straight to 1.0

  • Loading branch information...
commit 2504662a7ca1489dea8170d74a9d72996727e0d9 0 parents
@skade skade authored
3  .gitignore
@@ -0,0 +1,3 @@
+*.class
+*.jar
+*.zip
1  COPYING
@@ -0,0 +1 @@
+elasticsearch-http-basic is Copyright (c) 2011, Florian and Felix Gilcher
20 LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2011 Florian Gilcher <florian.gilcher@asquera.de>, Felix Gilcher <felix.gilcher@asquera.de>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
19 README.md
@@ -0,0 +1,19 @@
+# HTTP Basic auth for ElasticSearch
+
+This plugin provides an extension of ElasticSearchs HTTP Transport module to enable HTTP Basic authorization.
+
+## Installation
+
+Copy `elasticsearch-http-basic-<version>.jar` to `plugins/http-basic`. Or use `bin/plugin` to do so.
+
+## Configuration
+
+The plugin is disabled by default. Enabling basic authorization will disable the default HTTP Transport module.
+
+```
+http.basic.enable = true
+http.basic.user = "my_username"
+http.basic.password = "my_password"
+```
+
+Be aware that the password is stored in plain text.
32 build.gradle
@@ -0,0 +1,32 @@
+apply plugin: 'java'
+
+version = '1.0'
+
+sourceSets.main.resources.srcDirs 'src/main/java'
+sourceSets.test.resources.srcDirs 'src/test/java'
+
+configurations {
+ distLib
+}
+
+if (hasProperty("xlint")) {
+ tasks.withType(Compile) {
+ options.compilerArgs << "-Xlint:unchecked"
+ }
+}
+
+jar {
+ manifest {
+ attributes 'Implementation-Title': 'Elasticsearch HTTP Basic', 'Implementation-Version': '1.0'
+ }
+ from sourceSets.main
+}
+
+repositories {
+ mavenCentral()
+ mavenRepo name: "sonatype", url: "https://oss.sonatype.org/content/groups/public/"
+}
+
+dependencies {
+ compile group: "org.elasticsearch", name: 'elasticsearch', version: "0.18.4"
+}
66 src/main/java/com/asquera/elasticsearch/plugins/http/HttpBasicServer.java
@@ -0,0 +1,66 @@
+package com.asquera.elasticsearch.plugins.http;
+
+import org.elasticsearch.http.*;
+import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.env.Environment;
+import org.elasticsearch.node.service.NodeService;
+import org.elasticsearch.rest.RestController;
+import org.elasticsearch.common.inject.Inject;
+import org.elasticsearch.common.Base64;
+
+import org.elasticsearch.rest.StringRestResponse;
+
+import static org.elasticsearch.rest.RestStatus.*;
+
+import java.io.IOException;
+
+public class HttpBasicServer extends HttpServer {
+ private final String user;
+ private final String password;
+
+ @Inject public HttpBasicServer(Settings settings, Environment environment, HttpServerTransport transport,
+ RestController restController,
+ NodeService nodeService) {
+ super(settings, environment, transport, restController, nodeService);
+
+ this.user = settings.get("http.basic.user");
+ this.password = settings.get("http.basic.password");
+ }
+
+ public void internalDispatchRequest(final HttpRequest request, final HttpChannel channel) {
+ if (authBasic(request)) {
+ super.internalDispatchRequest(request, channel);
+ } else {
+ channel.sendResponse(new StringRestResponse(FORBIDDEN));
+ }
+ }
+
+ private boolean authBasic(final HttpRequest request){
+ String authHeader = request.header("Authorization");
+
+ if (authHeader == null) {
+ return false;
+ }
+
+ String[] split = authHeader.split(" ");
+ String decoded = null;
+
+ try {
+ decoded = new String(Base64.decode(split[1]));
+ } catch (IOException e) {
+ logger.warn("Decoding of basic auth failed.");
+ return false;
+ }
+
+ String[] user_and_password = decoded.split(":");
+ String given_user = user_and_password[0];
+ String given_pass = user_and_password[1];
+
+ if (this.user.equals(given_user) &&
+ this.password.equals(given_pass)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+}
40 src/main/java/com/asquera/elasticsearch/plugins/http/HttpBasicServerModule.java
@@ -0,0 +1,40 @@
+/*
+ * Licensed to Elastic Search and Shay Banon under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. Elastic Search licenses this
+ * file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package com.asquera.elasticsearch.plugins.http;
+
+import org.elasticsearch.common.inject.AbstractModule;
+import com.asquera.elasticsearch.plugins.http.HttpBasicServer;
+import org.elasticsearch.http.HttpServerModule;
+import org.elasticsearch.common.settings.Settings;
+
+/**
+ * @author Florian Gilcher (florian.gilcher@asquera.de)
+ */
+public class HttpBasicServerModule extends HttpServerModule {
+
+ public HttpBasicServerModule(Settings settings) {
+ super(settings);
+ }
+
+ @Override protected void configure() {
+ bind(HttpBasicServer.class).asEagerSingleton();
+ }
+}
+
59 src/main/java/com/asquera/elasticsearch/plugins/http/HttpBasicServerPlugin.java
@@ -0,0 +1,59 @@
+package com.asquera.elasticsearch.plugins.http;
+
+import org.elasticsearch.common.inject.Inject;
+import org.elasticsearch.common.inject.Module;
+import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.plugins.AbstractPlugin;
+import org.elasticsearch.http.HttpServerModule;
+import org.elasticsearch.http.HttpServer;
+import com.asquera.elasticsearch.plugins.http.HttpBasicServer;
+import com.asquera.elasticsearch.plugins.http.HttpBasicServerModule;
+import org.elasticsearch.common.component.LifecycleComponent;
+import org.elasticsearch.common.settings.ImmutableSettings;
+
+import java.util.Collection;
+
+import static org.elasticsearch.common.collect.Lists.*;
+
+/**
+ * @author Florian Gilcher (florian.gilcher@asquera.de)
+ */
+public class HttpBasicServerPlugin extends AbstractPlugin {
+ private final Settings settings;
+
+ @Inject public HttpBasicServerPlugin(Settings settings) {
+ this.settings = settings;
+ }
+
+ @Override public String name() {
+ return "http-basic-server-plugin";
+ }
+
+ @Override public String description() {
+ return "HTTP Basic Server Plugin";
+ }
+
+ @Override public Collection<Class<? extends Module>> modules() {
+ Collection<Class<? extends Module>> modules = newArrayList();
+ if (settings.getAsBoolean("http.basic.enabled", false)) {
+ modules.add(HttpBasicServerModule.class);
+ }
+ return modules;
+ }
+
+ @Override public Collection<Class<? extends LifecycleComponent>> services() {
+ Collection<Class<? extends LifecycleComponent>> services = newArrayList();
+ if (settings.getAsBoolean("http.basic.enabled", false)) {
+ services.add(HttpBasicServer.class);
+ }
+ return services;
+ }
+
+ @Override public Settings additionalSettings() {
+ if (settings.getAsBoolean("http.basic.enabled", false)) {
+ return ImmutableSettings.settingsBuilder().put("http.enabled", false).build();
+ } else {
+ return ImmutableSettings.Builder.EMPTY_SETTINGS;
+ }
+ }
+}
1  src/main/java/es-plugin.properties
@@ -0,0 +1 @@
+plugin=com.asquera.elasticsearch.plugins.http.HttpBasicServerPlugin
Please sign in to comment.
Something went wrong with that request. Please try again.