Hi.
I'm using nginx as a reverse proxy to auto-authenticate a dashboard iframe (via share) in another server....
So far i have this:
server {
listen 443 ssl http2 default_server;
ssl_certificate "/etc/pki/tls/certs/domain/domaincertificate.crt";
ssl_certificate_key "/etc/pki/tls/certs/domain/domainkey.key";
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization "Basic *";
proxy_pass https://my.kibanaserver:5601;
proxy_redirect off;
proxy_buffering off;
}
}
With the above configuration i'm able to open a browser like this:
https://myreverseproxy.domain.com
and get the data from
https://my.kibanaserver:5601
The user
configured is read-only, works in a independent space and has limited access to other parts of the platform...
So far so good..
What i need to do is to "disable" or "protect" other links in the dashboard... permitting to the user only navigate the specific dashboard assigned for him.
For example let's say that i have a dashboard and i want show it through my reverse proxy:
https://myreverseproxy.domain.com/s/clientes/app/dashboards#/view/2a956837-49a7-4gg7-a233-4f7c69c997c7
This works ok..
But when i try to access :
https://myreverseproxy.domain.com/s/clientes/app/home#/
or
https://myreverseproxy.domain.com/s/clientes/app/dashboards#/
It take me there...which i don't want to...
is there a way to ban the access to that "resource" to the user through nginx configuration?
Or maybe there is a better approach?
Thanks in advance
Ricardo