Kibana login with Shield

security

(Rohit) #1

Hi

I have created a user with roles kibana4 and marvel_user. While doing login in kibana using shield it redirects me to the login page again after it verifies the username and password. There is no error which is prompted or which I can see in kibana logs.

Please help.

Thanks
Rohit


(Chris Earle) #2

Hi Rohit,

Can you provide the configuration that you're using? Feel free to use a fake username/password, but it would be good to see what is happening with the configuration that is there.


(Rohit) #3

Hi Chris

Thank you for the response. When using fake username and password it prompts invalid username and password.

Can you please tell in details which configurations you need?

Thanks
Rohit


(Chris Earle) #4

Rohit,

In terms of configuration:

  • Version of Kibana
  • Version of the Shield plugin for Kibana
  • Version of ES
  • Kibana configuration file (replace passwords!)
  • ES configuration (replace passwords!)

As a side note, you must use SSL to take advantage of the Shield plugin to Kibana because otherwise your information is public across the wire and inherently insecure.

Thanks,
Chris


(Rohit) #5

Hi Chris

Version of Kibana - 4.4.2
Version of the Shield plugin for Kibana - 2.2.1
Version of ES - 2.2.1

Kibana configuration -

server.port: 5601
server.host: "localhost"
elasticsearch.url: "http://localhost:9200"
elasticsearch.username: "kibana"
elasticsearch.password: "dummy"
server.ssl.cert: /etc/pki/tls/certs/logstash-forwarder.crt
server.ssl.key: /etc/pki/tls/private/logstash-forwarder.key
shield.encryptionKey: "dummy"

ES configuration -

cluster.name: elasticsearch
network.host: localhost
http.port: 9200
http.cors.enabled: true

I'm using nginx and set its redirect url to "https://localhost:5601". Auth is turned off for nginx. Also I'm already using a self signed certificate. Please let me know if I'm missing or doing something wrong.

Thanks
Rohit


(David F.) #6

Hi rohitkumars i think you need redirect to the hostname/app/kibana on the new versions work on this way.


(Rohit) #7

Hi Chris

It worked for me using https://localhost:5601 but while working with nginx this login issue is coming up for kibana.

Thanks
Rohit


(Chris Earle) #8

Hi Rohit,

I suspect that dfr0 is hitting pretty close to what is happening here. Can you show me the nginx configuration?


(system) #9