If you just upgraded to Elasticsearch 2.3.0 and are now getting fatal "Authorization Exception" errors when you try to access Kibana in Chrome or Safari, you can likely fix the issue with a quick configuration change.
If you have http.cors.enabled
set in your elasticsearch configuration for Kibana's sake, remove it. This configuration is no longer necessary in Kibana 4.
If you require http.cors.enabled
in your elasticsearch config for some other reason, then as of ES 2.3.0, you must also set http.cors.allow-origin
: https://www.elastic.co/guide/en/elasticsearch/reference/2.3/breaking_20_setting_changes.html#_cors_allowed_origins
The github issue for this is https://github.com/elastic/kibana/issues/6719