Kibana login with Shield

rohitkumars · March 21, 2016, 11:23am

Hi

I have created a user with roles kibana4 and marvel_user. While doing login in kibana using shield it redirects me to the login page again after it verifies the username and password. There is no error which is prompted or which I can see in kibana logs.

Please help.

Thanks
Rohit

pickypg · March 21, 2016, 2:46pm

Hi Rohit,

Can you provide the configuration that you're using? Feel free to use a fake username/password, but it would be good to see what is happening with the configuration that is there.

rohitkumars · March 21, 2016, 5:02pm

Hi Chris

Thank you for the response. When using fake username and password it prompts invalid username and password.

Can you please tell in details which configurations you need?

Thanks
Rohit

pickypg · March 21, 2016, 6:16pm

Rohit,

In terms of configuration:

Version of Kibana
Version of the Shield plugin for Kibana
Version of ES
Kibana configuration file (replace passwords!)
ES configuration (replace passwords!)

As a side note, you must use SSL to take advantage of the Shield plugin to Kibana because otherwise your information is public across the wire and inherently insecure.

Thanks,
Chris

rohitkumars · March 21, 2016, 7:43pm

Hi Chris

Version of Kibana - 4.4.2
Version of the Shield plugin for Kibana - 2.2.1
Version of ES - 2.2.1

Kibana configuration -

server.port: 5601
server.host: "localhost"
elasticsearch.url: "http://localhost:9200"
elasticsearch.username: "kibana"
elasticsearch.password: "dummy"
server.ssl.cert: /etc/pki/tls/certs/logstash-forwarder.crt
server.ssl.key: /etc/pki/tls/private/logstash-forwarder.key
shield.encryptionKey: "dummy"

ES configuration -

cluster.name: elasticsearch
network.host: localhost
http.port: 9200
http.cors.enabled: true

I'm using nginx and set its redirect url to "https://localhost:5601". Auth is turned off for nginx. Also I'm already using a self signed certificate. Please let me know if I'm missing or doing something wrong.

Thanks
Rohit

dfr0 · March 22, 2016, 3:59am

Hi rohitkumars i think you need redirect to the hostname/app/kibana on the new versions work on this way.

rohitkumars · March 22, 2016, 12:57pm

Hi Chris

It worked for me using https://localhost:5601 but while working with nginx this login issue is coming up for kibana.

Thanks
Rohit

pickypg · March 22, 2016, 3:10pm

Hi Rohit,

I suspect that dfr0 is hitting pretty close to what is happening here. Can you show me the nginx configuration?

Topic		Replies	Views
Cannot login to Kibana with elastic login Kibana elastic-stack-security	11	6303	August 14, 2019
Shield authentication issue Elasticsearch elastic-stack-security	12	2195	July 6, 2017
Kibana + Shield + NGinx - Thrown back to the login screen Kibana	5	1262	July 6, 2017
Using https to login to Kibana Kibana elastic-stack-security	7	3442	May 7, 2020
Action [indices:data/read/search[phase/query]] is unauthorized for user [kibana4_server] Elasticsearch elastic-stack-security	3	4612	July 6, 2017

Kibana login with Shield

Related Topics