I am using Kibana dashboards as iframes under a web application. The problem is that the Kibana server is authenticated by SSO and there is no guarantee that the user's browser session is having a valid active session.
I need to make an http or XHR call to Kibana server internal to check if session is valid and redirect the user to login to Kibana if its invalid.
The problem is that I am getting CORS error and I am looking for enabling it. Could someone please help how to resolve this?
If you need to go down the CORS route, have you had a look at the server.cors related settings for Kibana in the documentation to see if these are what you need?
Thanks Carly. I tried these steps around 6 months ago on some 7.X version and it wasn't working but I tried again yesterday on Kibana 8.10 version with setting server.cors.enabled: true in kibana.yml and it worked.
Right now I have just tried on my local server and I am going make this change in production where the Kibana server is authenticated under SSO. I hope that shouldn't create any problem to make it work.
Unfortunately, it didn't work on production server. let currentUrl = new URL("[https://<kibana_server_url>]"); const xhr = new XMLHttpRequest(); xhr.open("GET", currentUrl.href, true ); xhr.send(); Access to XMLHttpRequest at '<kibana_server_url>' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I think why its working locally because my server is just http. It might need something else to work on https.
I will try to my local as https and see if it works.
Thanks
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.