Reverse proxy pattern matching no longer works with Kibana 5

schmorgs · April 19, 2017, 12:32pm

In Kibana 4 and below, we have an Apache reverse proxy sitting in front and used the LocationMatch directives to restrict users to certain dashboards, etc.
e.g. user A had full control over visualisations / dashboards beginning with "TEST"

This worked because Kibana posted the name of the dashboard/visualisation as part of the URL parameters.
e.g.
http://localhost:8901/app/kibana#/dashboard/Overview-Home-Page

However in Kibana 5, the object names have been replaces with a unique ID and so it is not possible to pattern match the URL any more.

http://localhost:8901/app/kibana#/dashboard/d4ee92e0-24f2-11e7-bad6-e3c5ea18d785

It's also confusing as the new URL is meaningless to a user.

Is there any way to make Kibana 5 behave in the same way it did before?

(PS I know x-pack provides native security but cost is an issue)

cjcenizal · April 19, 2017, 8:43pm

Hey there, unfortunately I don't think there's an easy way to change Kibana back to support your use case. Here's the original PR which introduced this change, to give some context: https://github.com/elastic/kibana/pull/9087. The string in the URL is and always has been the dashboard ID, except we originally repurpose the dashboard's name as the ID. This created problems when we added functionality for renaming the dashboard.

Thanks,
CJ

cjcenizal · April 19, 2017, 9:11pm

I've created an issue to add support for specifying your own ID, which should solve your problem once we add a fix. Please feel free to follow the issue at https://github.com/elastic/kibana/issues/11338, and chime in if you have any thoughts. And of course, PRs are welcome!

Thanks,
CJ

system · May 17, 2017, 9:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.