Kibana - SESSION_EXPIRED right after login

I have a Kibana cluster up and running with xpack security enabled. Whenever I try to log in, I see the homepage being displayed and right after that a redirect happens (in JS) to the login page again, with the "Your session has expired. Please log in again." message being displayed.

On the network tab in Chrome, I can see the POST to /api/security/v1/login being successful, but then the next call (/api/xpack/v1/info) gets a 401.

The same instance works fine if I access Kibana on localhost:5601; the problem only appears when I go through my nginx reverse proxy.

Where can I find documentation for this matter?

Hi,

Which version of Kibana are you running? We have documentation on x-pack security but we don't really support nginx proxy. We know a lot of our users use it though.

If you could tell me your Kibana version and your config for the proxy, I will try to reproduce it in my local.

Thanks,
Bhavya

Hi,

I am actually running on Docker, using the elastic.co 5.4 image: docker.elastic.co/kibana/kibana:5.4.0

This Docker image runs on a Kubernetes cluster. Below is the nginx configuration used:

server {
 server_name xxx;
 listen 80;
 listen 443  ssl spdy http2;
 ssl_certificate xxx;
 ssl_certificate_key xxx;

 more_set_headers                            "Strict-Transport-Security: max-age=15724800; preload";

 location / {
     # enforce ssl on server side
     if ($scheme = http) {
         return 301 https://$host$request_uri;
     }

     proxy_set_header Host                   $host;

     # Pass Real IP
     proxy_set_header X-Real-IP              $remote_addr;

     # Allow websocket connections
     proxy_set_header                        Upgrade           $http_upgrade;
     proxy_set_header                        Connection        $connection_upgrade;

     proxy_set_header X-Forwarded-For        $proxy_add_x_forwarded_for;
     proxy_set_header X-Forwarded-Host       $host;
     proxy_set_header X-Forwarded-Port       $server_port;
     proxy_set_header X-Forwarded-Proto      $pass_access_scheme;

     # mitigate HTTPoxy Vulnerability
     # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
     proxy_set_header Proxy                  "";

     proxy_connect_timeout                   600s;
     proxy_send_timeout                      60s;
     proxy_read_timeout                      600s;

     proxy_redirect                          off;
     proxy_buffering                         off;

     proxy_http_version                      1.1;


     proxy_pass http://kibana-svc-5601;
 }

}

Hi,

I actually found the issue, my mistake. I had many Kibana instances running behind nginx, but without any sort of session affinity. I now have to figure out how to do that with Kibana.
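
The failure mode identified in this post, modelled as an added example (not code from the thread or from Kibana): it assumes each instance seals its session cookie with a key it generates at startup, which is Kibana's default when xpack.security.encryptionKey is not set, and it uses an HMAC tag as a stand-in for the real cookie encryption. The Instance class, the two balancer functions, the user name and the client address are hypothetical.

```python
import hashlib
import hmac
import itertools
import secrets

class Instance:
    """Toy backend: seals session cookies with an HMAC key (stand-in for cookie encryption)."""
    def __init__(self, key=None):
        # Assumption: with no configured key, every instance generates its own at startup.
        self.key = key or secrets.token_bytes(32)

    def login(self, user):
        tag = hmac.new(self.key, user.encode(), hashlib.sha256).hexdigest()
        return f"{user}.{tag}"

    def info(self, cookie):
        user, _, tag = cookie.rpartition(".")
        good = hmac.new(self.key, user.encode(), hashlib.sha256).hexdigest()
        return 200 if hmac.compare_digest(tag, good) else 401

def round_robin(backends):
    """Proxy without affinity: each request goes to the next backend in turn."""
    ring = itertools.cycle(backends)
    return lambda client_ip: next(ring)

def ip_hash(backends):
    """Proxy with affinity: the same client address always maps to the same backend."""
    def pick(client_ip):
        digest = hashlib.sha256(client_ip.encode()).digest()
        return backends[digest[0] % len(backends)]
    return pick

def login_then_info(pick, client_ip="203.0.113.7"):
    """Replay the browser sequence from the thread: POST login, then GET info."""
    cookie = pick(client_ip).login("alice")
    return pick(client_ip).info(cookie)

def run_scenarios():
    own = [Instance(), Instance()]            # constructed: two instances, default keys
    key = secrets.token_bytes(32)
    shared = [Instance(key), Instance(key)]   # constructed: same key configured on both
    return {
        "round_robin_own_keys": login_then_info(round_robin(own)),
        "ip_hash_own_keys": login_then_info(ip_hash(own)),
        "round_robin_shared_key": login_then_info(round_robin(shared)),
    }

if __name__ == "__main__":
    print(run_scenarios())
```

Only the first scenario returns 401: the login lands on one instance and the follow-up request on another that cannot validate the cookie. Affinity at the proxy or one shared key across all instances both remove it.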

Hi Benjamin,

I am not sure when I am getting to reproducing this in my local. Especially because I have never done it with docker/kubernetes. I will try later tonight or get some help.

Can you please check out these posts in the meantime? nginx https://discuss.elastic.co/search?q=nginx%20category%3A7 Maybe they will help?

Thanks,
Bhavya

Hi Bhavya,

It seems I responded at about the same time as you wrote your post. Please see my previous comment above.

Thanks
Benjamin

Ah Ok. Thanks for keeping us posted.

Cheers,
Bhavya