Deny login to Kibana to any user not in role_mapping

(Cornoualis) #1


I just configured security to interact with my AD.
I discovered that any user (someone not in role_mapping.yml) can log in to Kibana.
Of course, he won't be able to do anything in it, but he can still reach the interface.

Is there a way to avoid it?

Thanks in advance!

(Joe Fleming) #2

It's a current limitation of Kibana and the Security plugin. A user without the kibana_user role (the default, so that's the case you're seeing) will still be able to log in, but they won't be able to interact with anything. Every page will show a permissions error message, but nothing stops them from logging in.

There's some discussion happening right now to figure out how to stop the user from being able to log in in the first place, but it's a known limitation right now.

(Cornoualis) #3

Thank you Joe!
