I'm trying to use nginx to authenticate users into kibana with a token that is passed as an query parameter (i.e. ?token=XXXXXX), I'm totally new to nginx and I'm facing several problem and would really appreciate some help.
when using a static authorization header it works just fine :
Thank you for your quick answer, actually this the first thing I tried, something weird happens, if i enter a valid token there is some kind of redirection that causes the token to disappear and I get a security exception telling me that there is no token, otherwise (if the token is wrong) I get an error telling me that the token is wrong (so the token is still present)
The difference here is that I removed the trailing slash in the proxy_pass command.
If you continue with the token-in-url route, you'll also need to strip off the token query parameter before sending the request to Kibana. Certain Kibana routes perform validation, and will reject requests that contain unexpected parameters. I'm not certain of the best way to do this with NGINX.
I'm also not sure what your entire system looks like, but this is likely not a secure setup. $arg_token is not an encrypted value, so anyone with access to the URLs will have access to the user credentials (username/password) since this is being pulled from a query string
I did that but still have the same behavior
Can you explain to me how to do the stripp off the token as you said ?
I know it's not so secured I'm just trying to get it to work
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.