Embedded Kibana Dashboard Login

Elias_Kardel · July 14, 2019, 8:33pm

Hi there,

I already went through all the relevant posts in this forum. But I am still confused what is the best way to tackle my problem:

My ELK is hosted on https://cloud.elastic.co/
I am runnning version 7.2 of Kibana and elastic search.

I want to share Kibana Dashboards to an external page with logging in the user automatically.
I already ran into the CORS problems and seems that I can not configure these settings on the hosted cluster.

What are the steps to make this work for my configuration?

If absolutely necessary I could try to set up this nginx proxy. The data displayed in the Dashboards shall change depening on who is logged in (realised by field permissions). Any limitations there if I go for this nginx approach?

Moreover, I saw that I can enable SAML for Kibana auth. I using a google firebase based system. Seems that Google Cloud serves SAML auth too. Might be better to go for that approach?

https://cloud.google.com/identity-platform/docs/how-to-enable-application-for-saml

Thanks Elias

Marius_Dragomir · July 18, 2019, 11:49am

I would recommend on going the SAML route. This is fully supported by Elastic Cloud and you won't be hit with the CORS problems.

Elias_Kardel · July 20, 2019, 10:25pm

I ended up trying the reverse proxy:

keepalive_timeout 65;

#gzip  on;

include /etc/nginx/conf.d/*.conf;
server {
    listen 443 ssl ;
    server_name localhost;
ssl_certificate /etc/ssl/certs/kibana-access.pem;
ssl_certificate_key /etc/ssl/private/kibana-access.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header  X-Found-Cluster xxxxxxxx;
    proxy_set_header  X-Real-IP $remote_addr;
    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for
            add_header 'Access-Control-Allow-Origin' '*';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS, DELETE, PUT';
            add_header 'Access-Control-Allow-Headers' 'x-requested-with, Content-Type, origin, authorization, accept, client-security-token, kbn-version, kbn-xsrf';
            proxy_pass  https://xxxxxxxxxxxxx.us-east-1.aws.found.io;
    }

}
}

I can browse Kibana when going to https://YYYYY. So the proxy must be basically working.

But POST on https://YYYYY/api/security/v1/login gives 400 Bad Request Error. The request body carries the login credentials in JSON format.

Is that even meant to be used like that? Having users with their credentials loging in at Kibana with POST via nginx proxy.

system · August 17, 2019, 10:25pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.