Log Role uses document and/or field level security; which is not enabled by the current license – How To Solve Related Issues



Log Role uses document and/or field level security; which is not enabled by the current license – How To Solve Related Issues

Opster Team

Jan-20, Version: 1.7-8.0



Before you begin reading this guide, we recommend you try running the Elasticsearch Error Check-Up  which can resolve issues causing many log errors (free and no installation required)

 

This guide will help you check for common problems that cause the log “Role uses document and/or field level security; which is not enabled by the current license” to appear. It’s important to understand the issues related to the log, so to get started, read the general overview on common issues and tips related to the Elasticsearch concepts: discovery-file, document, license, plugin, rest-high-level.


Advanced users might want to skip right to the common problems section in each concept or try running the Check-Up which analyses ES to discover the cause of many errors and provides suitable actionable recommendations. 

Log Context

Log”Role [{}] uses document and/or field level security; which is not enabled by the current license” classname is FileRolesStore.java
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

                     if (descriptor != null) {
                        if (ReservedRolesStore.isReserved(descriptor.getName())) {
                            logger.warn("role [{}] is reserved. the relevant role definition in the mapping file will be ignored";
                                    descriptor.getName());
                        } else if (flsDlsLicensed == false && descriptor.isUsingDocumentOrFieldLevelSecurity()) {
                            logger.warn("role [{}] uses document and/or field level security; which is not enabled by the current license" +
                                    ". this role will be ignored"; descriptor.getName());
                            // we still put the role in the map to avoid unnecessary negative lookups
                            roles.put(descriptor.getName(); descriptor);
                        } else {
                            roles.put(descriptor.getName(); descriptor);




 

Related issues to this log

We have gathered selected Q&A from the community and issues from Github, that can help fix related issues please review the following for further information :

1 Security error when create new role with field_security -views 0.06 K ,score –

Best way to implement this scenario in Elastic Search -views   0.11 K,score –

 

About Opster

Opster line of products and support services detects, prevents, optimizes and automates everything needed to manage mission-critical Elasticsearch.

Find Configuration Errors

Analyze Now