When we click a kibana link to a dashboard, we occasionally lose the original link if the current session needs to re-authenticate, and we are left with the default screen after logging in. This is very problematic for some of our users we give the URLs to (via watcher actions). The users don't realize what's going on and don't know what screen to expect.
This only happens in our production environment (elasticsearch version 6.8.5). Our dev environment is 7.5.1 and it doesn't happen there. Is there anything we can do to stop this behavior in prod (we're not ready to upgrade it yet).
We just verified that this issue is not fixed in Dev (7.5). The problem is caused by the length of the URL. We have watchers that have links to pre-existing dashboards. We like to send query strings along with the dashboard that are unique to each watcher action, so the URL tends to get very large.
A smaller URL fixes all this. We're currently stuck discussing how to get a call to the URL shortening API somehow. The watcher cannot call this API, and the stored script cannot call it (unless this has changed?). All of our watchers call a stored script and it would be great if we could somehow reduce the size of the URL in there.
This may be our solution, as we don't have that setting in our yml file, so we are at the default which is 2KB (max is 4KB).
Do you happen to know if there's an API call to change that setting, instead of having to do a restart? I'm searching online but can't find it. I see in DevTools that xpack.security.authc.providers isn't available for xpack or _xpack.
Last question on this...do you know the correct format for putting this in the kibana.yml file? We're getting the following error:
FATAL Error: [xpack.security.authc.providers]: expected value of type [array] but got [Object]
Our original line in our kibana.yml file is:
xpack.security.authc.providers: [saml, basic]
We tried putting the following but got the error:
xpack.security.authc.providers: [
saml.saml1:
order: 0
realm: saml1
maxRedirectURLSize: 4kb,
basic.basic1:
order: 1
]
Also it just occurred to me that we have saml settings in our elasticsearch.yml file with xpack.security.authc.realms.saml.comcastsaml in there already. Should that be what we are referring to?
Lastly, let me know if you think I should create a support ticket with ES for this. They always said I should try here first.
Do you happen to know if there's an API call to change that setting, instead of having to do a restart?
@myasonik is right, the only way to adjust these settings is via yml today. We've resisted offering APIs for adjusting sensitive settings such as these. Having physical write access to the yml file is an additional layer of security here.
do you know the correct format for putting this in the kibana.yml file? We're getting the following error:
Try the following format in your kibana.yml. Note that I used comcastsaml as the realm name here to match what I presume you have in your elasticsearch.yml based on your comment above:
This format worked for us, in that we were able to bring up the node. It didn't fix our original problem when the dashboard URL is too large AND re-authentication happens. Thanks for your help, though. It's good to know of this.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.