I am using a i-frame that show to user kibana dashboard. This i-frame is in my web application. When user view this page in browser , user can see request url from network tab. If user copy the url and paste another browser tab , user can view kibana page without any authentication. I am using nginx reverse-proxy by the way.
I wanna create a server side proxy that can handle traffic between es and kibana. Is that possible? So user can't see kibana page without authentication outside web application.
You certainly can put a proxy between Kibana and Elasticsearch if you want to. We'd need more details about your setup if you want more specific advice, but a proxy in-between is doable.
I'm sorry, I must be missing something. It's not clear to me how a proxy between Kibana <--> Elasticsearch will prevent users from accessing Kibana directly.
You currently have:
Web App with embedded Kibana <--> Elasticsearch
What will Web App with embedded Kibana <--> **Proxy** <--> Elasticsearch achieve?
Users will still see the Kibana URL in this case, so they could load Kibana outside of your web app. If you put a proxy in front of Kibana, then users would only see the Proxy URL, but they could still hit the proxy URL outside of the web app, right? Unless the proxy was inspecting request headers, but that's not fool-proof.
Web App users should see embedded kibana page without authentication. Because they already login to web App. But other people when click kibana url , they should see an authentication page or form.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.