Briefly, this error occurs when an OPTIONS HTTP request is sent to Elasticsearch without proper authentication. Elasticsearch requires authentication for all types of requests, including OPTIONS. To resolve this issue, you can either provide valid credentials with your request or configure Elasticsearch to allow unauthenticated OPTIONS requests. Alternatively, you can use an API key for authentication or use a proxy server to handle OPTIONS requests before they reach Elasticsearch.
This guide will help you check for common problems that cause the log ” Cannot dispatch OPTIONS request; as they are not authenticated ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: rest, plugin.
Log Context
Log “Cannot dispatch OPTIONS request; as they are not authenticated” class name is SecurityRestFilter.java. We extracted the following from Elasticsearch source code for those seeking an in-depth context :
// authn is bypassed for HTTP requests with the OPTIONS method; so this sanity check prevents dispatching unauthenticated requests if (request.method() == Method.OPTIONS) { handleException( request; channel; new ElasticsearchSecurityException("Cannot dispatch OPTIONS request; as they are not authenticated") ); return; } if (enabled == false) {