Authentication problems between graylog-web and graylog-server

macteo · June 14, 2017, 9:31am

Hi everyone,

I experiencing some problems with my configuration. Here a brief description of my environment:

Backend: Three different nodes, each with:
- Elasticsearch (each node is a part of a Graylog-dedicated ES cluster)
- MongoDB (each node is a part of a Graylog-dedicate MongoDB cluster)
- Graylog Server (configured without web interface, just to provide the REST API on port 12900)
Frontend: Two different nodes, each with:
- Graylog Web (configured with the list of backend nodes)
- IPVS+Keepalived (to manage the VIPs for Graylog streams and web interface)

My Graylog Servers configuration is pretty straight forward:

# /etc/graylog/server/server.conf
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = ***
root_username = admin
root_password_sha2 = ***
root_email = 
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://<my IP>:12900/
web_enable = false
rest_enable_cors = True
rest_enable_gzip = True
rest_enable_tls = False
...

Also I use a pretty simple configuration also for graylog-web (modified to contact a single backend server, just for debugging):

# /etc/graylog/web/web.conf
graylog2-server.uris="http://<BE server IP>:12900/"
application.secret="***"
timezone="Europe/Rome"
field_list_limit=100
application.global=lib.Global

Now, graylog-server is up and running but, when I try to fire up the graylog-web I obtain this error in the /var/log/graylog-web/application.log file:

2017-06-14T11:16:26.651+02:00 - [ERROR] - from org.graylog2.restclient.lib.ServerNodesRefreshService in servernodes-refresh-0 
Resolving configured nodes failed
org.graylog2.restclient.lib.APIException: API call failed GET http://@< BE server IP >:12900/system/cluster/node returned 401 Unauthorized body: 
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.handleResponse(ApiClientImpl.java:511) ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.executeOnAll(ApiClientImpl.java:615) ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.resolveConfiguredNodes(ServerNodesRefreshService.java:97) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.access$400(ServerNodesRefreshService.java:42) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService$1.run(ServerNodesRefreshService.java:126) [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_131]
	at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_131]
	at java.lang.Thread.run(Thread.java:748) [na:1.8.0_131]

Also, the web interface tells me no nodes are reachable

Changing the graylog2-server.uris param in the web.conf file with the admin authentication

graylog2-server.uris="http://admin:<password>@<BE server IP>:12900/"

takes me a step forward (I can now login in the Graylog web interface), but every time I try to open an api-based page, I got an error (on the web interface) saying:

(You caused a org.graylog2.restclient.lib.APIException. API call failed GET http://@< BE server IP>:12900/system/radios returned 404 Not Found body: {"type":"ApiError","message":"HTTP 404 Not Found"})

I searched a lot in the documentation (official and not), and in some discussion on the web, but I haven’t found nothing related to my problem; seems that the graylog-web don’t pass authentication information when querying the graylog-server.

There is any web-related parameter I can set to finally get my Graylog Web talking correctly with the Graylog Server?
Any help will be appreciated.

Thanks in advance
macteo

jan · June 14, 2017, 12:42pm

Hej @macteo

what Software Versions are you running?

Thanks
Jan

macteo · June 14, 2017, 12:58pm

Hi @jan,

I’m currently running the software on CentOS Linux 7.3.1611, Graylog versions are (based on the repository):

graylog-server-2.3.0-3.alpha.3
graylog-web-1.3.4-1

On the web interface this is reported as version:

Graylog 2.3.0-alpha.3+c795033

In the meanwhile, I’ve noticed that on the graylog2-web-interface GitLab repository the project was marked as deprecated.

I’d to leave the graylog-web configuration and use the server plugin web interface?

Thanks
macteo

jochen · June 14, 2017, 1:48pm

These are incompatible.

The old Graylog web interface (graylog-web) does not work with Graylog 2.x.

See the release/upgrade notes of Graylog 2.x for details:

system · June 28, 2017, 1:48pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to connect to Graylog Web Interface Graylog Central (peer support)	3	11274	November 16, 2018
Graylog web interface problem! Graylog Central (peer support)	12	4785	February 19, 2019
Can't connect to graylog service Graylog Central (peer support)	7	3482	November 8, 2018
Graylog login loops back Graylog Central (peer support)	3	962	July 13, 2017
New setup for graylog the web interface is not working Graylog Central (peer support)	2	3218	June 21, 2017

Authentication problems between graylog-web and graylog-server

Related topics