ELK authentiation issue

Hello Team,

While accessing kibana I've added Nginx basic auth, which after asking credentials it redirects to kibana perfectly but when I enable ES security feature (xpack.security.enable : true) kibana throwing below error.

{"statusCode":401,"error":"Unauthorized","message":"[security_exception] unable to authenticate user [demo] for REST request [/_security/_authenticate], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } }"}

nginx config file

server {
  listen 80 default_server;
  server_name _;
  auth_basic "Restricted Area";
  auth_basic_user_file /etc/nginx/.htpasswd;
  location / {
        proxy_bind 127.0.0.1;
        proxy_pass         http://127.0.0.1:5601/;}}

ELasticsearch config.yml:

cluster.name: stgmb
xpack.security.enabled: true
xpack.security.authc.accept_default_password: true
xpack.security.transport.ssl.enabled: true
node.name: stgmbnode-1
path.data: /datadisk/elasticsearch
path.logs: /datadisk/log/elasticsearch
http.port: 9200
discovery.seed_hosts: ["10.0.2.109"]

Kibana & Elasticsearch version : 7.1.0

Does this demo user exist? Can you authenticate to Elasticsearch with that user and password?

Demo user exist only in nginx basic auth
I've set two authentications: one is nginx basic auth and another one is ELK auth.

Sorry, I don't understand what you're trying to do here.

From what you've written it looks like:

• You've enabled security in Kibana
• You have basic authentication enabled in Nginx
• You have a "demo" user in Nginx, but not in Kibana
• Nginx is passing the "demo" user credentials to Kibana
• But this user doesn't exist in Kibana, so it fails.

That all seems to be working exactly as we'd expect.
What exactly is the issue?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.