Kibana 3 with nginx ldap authentication - doesn't accept OPTIONS method?

I have 2 virtual hosts on the same nginx server, that both use the
nginx-auth-ldap module. the
first virtual host is the Kibana that is authenticating with ldap using
nginx-auth-ldap, then it forwards the request to the second virtual host
which is a reverse proxy to my elasticsearch server. My problem is that the
second virtual host should have ldap authentication enabled too. I've used
the information from this post's answer :How and where to implement basic
authentication in Kibana 3

  1. Changed Kibana's config.js to -

elasticsearch: {server: "http://localhost:9200", withCredentials: true},

  1. Change my elasticsearch.yaml to have the following :

transport.tcp.port: 9300
http.port: 9200
http.cors.allow-credentials: true
http.cors.allow-origin: "/.*/"
http.cors.enabled: true

But now when I send requests to Kibana, its saying that the Connection
Failed, and the requests that I see failing are the OPTIONS requests that
get 401 Unauthorized. Any other request (GET) seems to go through with the
credentials. The next step on the previous post says that I need to- "white
list the HTTP OPTIONS method in your reverse proxy configuration as only
GET, PUT, POST and DELETE requests include the cookies."

Has anyone here done this and can share their experience ?



You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit
For more options, visit