Geonetwork 4.4.6 and ElasticSearch security issue

Dear Community,

I’m running Geonetwork 4.4.6 via Docker (Geonetwork + postgis + elasticsearch + kibana + traefik + ogc-api + metricbeat + filebeat).

I’ve configured the minimal security for ElasticSearch.

Almost everything seems fine. Even the catalogue usage kibana dashboards are working well.

But from time to time, when navigating in the GeoNetwork portal, a form requesting credentials for authorization appears in the browser.

It seems this is happening because the browser is performing requests directly over elasticsearch:

Do you know if I’m missing something in the configuration? Or is it a bug?

Best regards,
Juan

Hi,

This kind of request happens when the GeoNetwork web-ui tries to access the underlying data of the record in the ElasticSearch feature index. This is why the path is different.

This access is done using a simple HTTP proxy through GeoNetwork, so the credentials of ElasticSearch are not provided by GeoNetwork and must be provided by the user.

Supporting ES credentials might be a path of improvement; another solution is to simply not configure the ElasticSearch data index by omitting the associated environment variable shown here: docker-geonetwork/4.4.6/docker-compose.yml at 164b0e4605dd3cbfca5c9be411ebc75ec2aa9267 · geonetwork/docker-geonetwork · GitHub
Then these requests will simply fail and it will not disturb the user.

Cheers,
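
An added example, not part of the original reply or of GeoNetwork's code, of the behaviour described above: a pass-through proxy relays Elasticsearch's 401 together with its `WWW-Authenticate` challenge, and that challenge is what makes the browser show a credentials dialog. `FakeES`, `make_proxy`, the credentials and the 404 returned for the unconfigured case are assumptions for illustration; `service_auth` models the proxy-side credentials mentioned as a possible improvement.

```python
import base64, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer
# Constructed credentials for the stand-in Elasticsearch (not from the thread).
ES_AUTH = "Basic " + base64.b64encode(b"es_reader:example-only").decode()
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore env proxies

class Base(BaseHTTPRequestHandler):
    def reply(self, code, body=b"{}", headers=()):
        self.send_response(code)
        for name, value in headers:
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # silence per-request logging

class FakeES(Base):  # stand-in for Elasticsearch with Basic auth enabled
    def do_GET(self):
        if self.headers.get("Authorization") == ES_AUTH:
            self.reply(200, b'{"hits": []}')
        else:
            self.reply(401, headers=[("WWW-Authenticate", 'Basic realm="security"')])

def make_proxy(upstream, service_auth=None):  # hypothetical pass-through proxy
    class Proxy(Base):
        def do_GET(self):
            if upstream is None:  # proxy target not configured: fail without a challenge
                return self.reply(404)
            auth = service_auth or self.headers.get("Authorization")
            req = urllib.request.Request(upstream + self.path, headers={"Authorization": auth} if auth else {})
            try:
                with OPENER.open(req) as resp:
                    self.reply(resp.status, resp.read())
            except urllib.error.HTTPError as err:  # relay status and challenge unchanged
                hdrs = [(k, v) for k, v in err.headers.items() if k.lower() == "www-authenticate"]
                self.reply(err.code, err.read(), hdrs)
    return Proxy

def serve(handler):
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return "http://127.0.0.1:%d" % server.server_port

def browser_view(url):  # (status, True if a browser would show a login dialog)
    try:
        with OPENER.open(url) as resp:
            return resp.status, False
    except urllib.error.HTTPError as err:
        return err.code, err.code == 401 and "WWW-Authenticate" in err.headers
```

If a proxy injects credentials this way, every portal visitor inherits that account's access to the index, so the account should be limited to read-only rights on it.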

Hi @jahow ,
Thank you for the help.
The suggestion of omitting the environment variable works like a charm. 🙂

Best regards,
Juan
