Connecting with a different port with username and password

[NumbahzGit]

Hello! first here are my settings on ES.

http.cors.enabled: true
http.cors.allow-origin: 'https://opensource.appbase.io'
http.cors.allow-headers: X-Requested-With,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true

My ES cluster is remote and I am trying to access it through the web browser.

I also have it running on a different port, not 9200.

i tried using https://mydomain:myport, and i also tried https://username:password@mydomain:myport but I still get a "Unable to connect", what might I be doing wrong?

Actually...just something weird I noticed is on firefox i get "NetworkError when attempting to fetch resource." saying "You are trying to load http content over https. You might have to enable mixed content of your browser https://kb.iu.edu/d/bdny" but that didn't change the error. On Chrome I get "Unable to connect".

My biggest concern is, does this only work if your ES cluster is on port 9200? Is there anything I can do so it accepts my port number on ES? We aren't using 9200 for security reasons and if it has to be on 9200, I will not be able to use this.

EDIT wrong url, that was for something else.

[NumbahzGit]

Just following up, I decided to add

http.cors.enabled: true
http.cors.allow-origin: 'chrome-extension://jopjeaiilkcibeohjdmejhoifenbnmlh'
http.cors.allow-headers: X-Requested-With,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true

and try the chrome extension but I am still facing this issue. It is not getting any of my data.

The only difference I can see is that I am not using port 9200, it would be helpful if we can use other ports other than 9200.

Unless there is a different issue, but I would appreciate help understanding the issue. All the solutions or work arounds for these issues brought me to a dead end so not sure what's wrong.

EDIT:

Sorry one more thing in this note

Note: If you use Elasticsearch from a different port, the URL to access and the http.cors.allow-origin value in the configuration file would change accordingly.

For example: If you are using the chrome-extension instead of site plugins, the http.cors.allow-origin in Elasticsearch.yml file would change accordingly:

http.port: 9200
http.cors.allow-origin: "chrome-extension://jopjeaiilkcibeohjdmejhoifenbnmlh/"
http.cors.enabled: true
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type,Content-Length,Authorization
http.cors.allow-credentials: true

But in this example, the port is still 9200? Can this be elaborated.

[siddharthlatest]

@NumbahzGit Your value for:

http.cors.allow-origin: 'chrome-extension://jopjeaiilkcibeohjdmejhoifenbnmlh'

should match the browser URL's domain you're using this on. You can try this with:

http.cors.allow-origin: '*' to allow all origins.

Actually...just something weird I noticed is on firefox i get "NetworkError when attempting to fetch resource." saying "You are trying to load http content over https. You might have to enable mixed content of your browser https://kb.iu.edu/d/bdny" but that didn't change the error. On Chrome I get "Unable to connect".

Mixed content error is wrt running your Elasticsearch on a http:// port, that's a browser specific setting that you will have to tweak to allow a http:// connection over https.

Both errors are not related to the port you're running your Elasticsearch on.

[NumbahzGit]

@siddharthlatest Thank you, I appreciate the response! :)

Thank you for pointing that out, I didn't realize this issue with chrome extensions, first time doing this.

Just wanted to also confirm that my cluster being on a different port is not an issue right?

We have http.port:23074 for our ES port.

So sending http://username:password@mydomain:23074 is not an issue?

And if I wanted to access through the browser it would just be

http.cors.allow-origin: 'https://dejavu.appbase.io/' ?

[siddharthlatest]

So sending http://username:password@mydomain:23074 is not an issue?

Yes, port wouldn't the issue here.

http.cors.allow-origin: 'https://dejavu.appbase.io/'

I believe that this should work, may be remove the trailing /. More details on this how this works: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.