both ES clusters have the same users definition (elastic/elastic, kibana/kibana and so on..)
ISSUE:
when I login to Kibana Analytics and I do the same (with the same or different user, in the same or different moment) to Kibana Monitoring they both logout.
TESTED USE CASES
All 4 Kibana instances running: KO
1 single Kibana instance of each type running on the same host (eg. HOST #1): KO
1 single Kibana instance of each type running on different hosts: KO
I defined a different kibana_system user to be used by a specific kibana instance: KO
Hi guys,
in addition (I'm working with Alessandro): we bypassed LB and used Kibana straight on hosts, but the issue persists. I checked on both KB instances (monitoring and analytics) log files (verbose: true) but didn't find nothing special except for a lot of 304 http code and a correct login as you can see:
{"type":"log","@timestamp":"2019-11-15T14:07:53Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Trying to perform a login."}
{"type":"log","@timestamp":"2019-11-15T14:07:53Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Login has been successfully performed."}
I found also the following message (frequently)
{"type":"log","@timestamp":"2019-11-15T14:20:27Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Trying to authenticate via header."}
{"type":"log","@timestamp":"2019-11-15T14:20:27Z","tags":["debug","plugins","security","basic"],"pid":25512,"message":"Authorization header is not presented."}
Solved.
We set the following properties in kibana.yml files: xpack.security.cookieName xpack.security.encryptionKey
NB: these properties should be reported inside Using Kibana in a production environment in a proper paragraph dedicated to Kibana for Monitoring and Kibana for Analytics clusters, in my opinion
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
