Authentication problems between graylog-web and graylog-server


#1

Hi everyone,

I experiencing some problems with my configuration. Here a brief description of my environment:

  • Backend: Three different nodes, each with:

    • Elasticsearch (each node is a part of a Graylog-dedicated ES cluster)
    • MongoDB (each node is a part of a Graylog-dedicate MongoDB cluster)
    • Graylog Server (configured without web interface, just to provide the REST API on port 12900)
  • Frontend: Two different nodes, each with:

    • Graylog Web (configured with the list of backend nodes)
    • IPVS+Keepalived (to manage the VIPs for Graylog streams and web interface)

My Graylog Servers configuration is pretty straight forward:

# /etc/graylog/server/server.conf
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = ***
root_username = admin
root_password_sha2 = ***
root_email = 
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://<my IP>:12900/
web_enable = false
rest_enable_cors = True
rest_enable_gzip = True
rest_enable_tls = False
...

Also I use a pretty simple configuration also for graylog-web (modified to contact a single backend server, just for debugging):

# /etc/graylog/web/web.conf
graylog2-server.uris="http://<BE server IP>:12900/"
application.secret="***"
timezone="Europe/Rome"
field_list_limit=100
application.global=lib.Global

Now, graylog-server is up and running but, when I try to fire up the graylog-web I obtain this error in the /var/log/graylog-web/application.log file:

2017-06-14T11:16:26.651+02:00 - [ERROR] - from org.graylog2.restclient.lib.ServerNodesRefreshService in servernodes-refresh-0 
Resolving configured nodes failed
org.graylog2.restclient.lib.APIException: API call failed GET http://@< BE server IP >:12900/system/cluster/node returned 401 Unauthorized body: 
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.handleResponse(ApiClientImpl.java:511) ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.executeOnAll(ApiClientImpl.java:615) ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.resolveConfiguredNodes(ServerNodesRefreshService.java:97) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.access$400(ServerNodesRefreshService.java:42) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService$1.run(ServerNodesRefreshService.java:126) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_131]
	at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_131]
	at java.lang.Thread.run(Thread.java:748) [na:1.8.0_131]

Also, the web interface tells me no nodes are reachable

Changing the graylog2-server.uris param in the web.conf file with the admin authentication

graylog2-server.uris="http://admin:<password>@<BE server IP>:12900/"

takes me a step forward (I can now login in the Graylog web interface), but every time I try to open an api-based page, I got an error (on the web interface) saying:

(You caused a org.graylog2.restclient.lib.APIException. API call failed GET http://@< BE server IP>:12900/system/radios returned 404 Not Found body: {"type":"ApiError","message":"HTTP 404 Not Found"})

I searched a lot in the documentation (official and not), and in some discussion on the web, but I haven’t found nothing related to my problem; seems that the graylog-web don’t pass authentication information when querying the graylog-server.

There is any web-related parameter I can set to finally get my Graylog Web talking correctly with the Graylog Server?
Any help will be appreciated.

Thanks in advance
macteo


(Jan Doberstein) #2

Hej @macteo

what Software Versions are you running?

Thanks
Jan


#3

Hi @jan,

I’m currently running the software on CentOS Linux 7.3.1611, Graylog versions are (based on the repository):

  • graylog-server-2.3.0-3.alpha.3
  • graylog-web-1.3.4-1

On the web interface this is reported as version:

  • Graylog 2.3.0-alpha.3+c795033

In the meanwhile, I’ve noticed that on the graylog2-web-interface GitLab repository the project was marked as deprecated.

I’d to leave the graylog-web configuration and use the server plugin web interface?

Thanks
macteo


(Jochen) #4

These are incompatible.

The old Graylog web interface (graylog-web) does not work with Graylog 2.x.

See the release/upgrade notes of Graylog 2.x for details:


(system) #5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.