[NXP-21455] Enable to configure CORS on embedded elasticsearch cluster - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 8.10
Fix Version/s: 8.10-HF04, 9.1
Component/s: Elasticsearch

Tags:
Sprint:
nxcore 9.1.4
Story Points:
2

Description

Since ES upgrade to 2.x (~~NXP-19194~~) it is not possible to use plugin like elasticsearch-head on a standalone Nuxeo instance (with Elasticsearch 2.3 embedded).
It was working with Nuxeo < 8.10 because the CORS are enabled (http.cors.enabled = true) but since Elasticsearch 2.x the default origin (http.cors.allow-origin) changes from ALL (*) to deny for security reason.

The result is that Elasticsearch embedded is always answering with 403.
The allow origin should be configurable and may be with a default like http://localhost:.*|file:.*.
–
It is now possible to use Elasticsearch tools to inspect (like elasticsearch-head) and query (like mirage) on Nuxeo index when Elasticsearch is embedded.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

nuxeo-elasticsearch-core-8.10-HF01-SNAPSHOT-NXP-21455.jar
153 kB
2017-01-13 07:52
nuxeo-elasticsearch-core-9.1-SNAPSHOT-NXP-21455.jar
159 kB
2017-01-13 07:52
NXP-21455.patch
2 kB
2017-01-13 07:52

Issue Links

depends on

NXP-19194 Upgrade from Elasticsearch 1.5.2 to 2.x

Resolved

Activity

People

Assignee:

Benoit Delbosc

Reporter:

Benoit Delbosc

Participants:

Benoit Delbosc, Jenkins, Vladimir Pasquier

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2017-01-13 07:41

Updated:

2017-07-12 13:50

Resolved:

2017-04-05 09:24