Kibana authentication-Should ask credentials access in kibana UI and Bypass authentication in CUSTOM WEBUI angular based

Elastic Stack Kibana
1

Hello All,

I've requirement where in custom web ui it should not ask any authentication i.e direct access of dashboards in custom website.(This is achieved using anonymous user setting in kibana.yml)

But now this same anonymous user is directly able to access through KIBANA UI ,I don't want this to happen,I just want in custom webui it should not ask for any autnetication, but in kibana UI it should always ask username and password, and not show anonymous user.

Why so?
Admin visits webui-so need direct access in webui without authentication-This done using anonymous user.But if anyone visits kiabana ui it now shows both anonymous user-who is able to login direct in kibana ui and at same time also asking username and password option.

Any suggestion would be helpful.

The below config in kibana.yml allows me to direct access my dashboards without authentication in custom web ui, same time its allowing in kibana ui also-This is not required.

xpack.security.authc.providers:
  anonymous.kibana_user:
    order: 0
    credentials:
      username: abc
      password: abc

I want to avoid continue as guest in kibana ui,just only username and password basic should ask:
with below config i get below image as output in kibana ui and custom webui----in kibana ui anonymous user should not come

elasticsearch.username: abc
elasticsearch.password: abc


xpack.security.authc.providers:
  anonymous.kibana_default_user:
    order: 0
    credentials:
      username: abc
      password: abc
  basic.basic1:
    order: 1

image
image921×697 23.2 KB

t

2

Sorry, I cannot really understand what doesn't work as expected, can you please elaborate a bit mroe? I'm wondering if you're trying to describe behavior described in Session storage for embedded iframes with kibana dashboards and anonymous user?

1 Like
3

Hello @azasypkin ,

Sorry to respond late on this,due to other priority usecases and still struggling to achieve below -

I have this requirement:

  1. While accessing kibana: it should always ask for user credentials i.e username and password to login.
    2)Now dashboards are embedded in custom webui and now in our web ui it should never ask for any credentials and direct login(By pass authentication). For this anonymous user works fine.

Now with below yml file : just trail and error method I am able to achieve in custom webui direct login ,but in kibana access it not always ask for username and password and also gets error in kibana log: authentication_seesion timeout after few min.

Intention:
kibana access will always have credentilas to login ,but custom web ui should never ask any credentials so that admins can directly see required dashboards.

current kibana.yml config

server.name: mis
elasticsearch.hosts:
- https://abc:433
elasticsearch.ssl.certificateAuthorities: /l/ece_proxy_root_ca.pem
elasticsearch.ssl.verificationMode: none
server.port: 5601
server.host: kpmg08appl002.dev.kpmg01.group.kpmg
logging.appenders.default:
  type: file
  fileName: /l/app/mis/kibana/kibana-8.8.2/logs/kibana.log
  layout:
    type: pattern
server.publicBaseUrl: http://kpmg08appl002.dev.kpmg01.group.kpmg:5601
elasticsearch.username: "abc"
elasticsearch.password: "abc"
xpack.security.authc.providers.basic.basic1.order: 0
xpack.security.authc.providers.anonymous.kibana_default_user.order: 1
xpack.security.authc.selector.enabled: false
xpack.security.authc.providers.anonymous.kibana_default_user.credentials.username: "abc"
xpack.security.authc.providers.anonymous.kibana_default_user.credentials.password: "abc"
4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.