Hi there, my team is responsible for a few clusters and the users are running into two different errors fairly frequently. At the moment we are focusing on two issues that seem to have similar causes.
The first log entry is: GET /api/security/<mark>logout</mark>?msg=SESSION_EXPIRED&next=%2Fapp
The second entry is less frequent: { Error: [security_exception] token expired, with { header={ WWW-Authenticate="Bearer realm=\"security\", error=\"invalid_token\", error_description=\"The access token expired\"" } }
These unwanted logouts are only occuring when the users us chrome. They have been using firefox for the last two days and haven't run into either issue yet. When they were using chrome we also saw issues loading dashboards. We pulled up task manager and watched the network traffic when they clicked on the dashboard in question. There was a short time when data was moving then quickly and suddenly the network data would stop.
We have made the following changes to the kibana.yml with out any success.
What version of the Kibana you're using? If anything older than 7.10, then I'm afraid you're hitting the issue we've discovered recently:
In January 2021 Chrome released (and hence all Chromium based browsers I suppose) a so called intensive throttling feature, that's triggered when all of the following conditions are true:
The page has been hidden for more than 5 minutes.
The chain count is 5 or greater.
The page has been silent for at least 30 seconds.
WebRTC is not in use.
In this case, the browser will check timers in this group once per minute effectively increasing any auto-refresh interval that you set to be at least one minute. This browser behavior conflicts with the auto-refresh logic in various way, but these are technical details.
Firefox doesn't have an "intensive throttling" mode yet and hence the issue isn't reproduced there.
Unfortunately there is not much you or we can do here, the options are basically these:
Upgrade to 7.10 that introduced server-side sessions in Kibana that are supposed to remede unexpected logouts
Use a non-Chromium based browser (e.g. Firefox)
Continue using Chrome, but turn off intensive throttling. Go to chrome://flags/ and disable Throttle Javascript timers in the background.
Oleg, thanks for getting back to me the cluster that I am paying the most attention to and where this is the most noticeable is on 7.10.1. Which seems like this might not be the issue that we are seeing? I am going to take a look at the chrome settings and suggest it to the guys anyways. Any other thoughts for why it could be happening on 7.10. Thanks so much I am going to share your answers with the group. We have been stuck for quite a while on this one.
Yeah, intensive throttling still affects 7.10, but it shouldn't cause sporadic logouts unless you've discovered something new that we're not aware of yet.
If you're an Elastic customer, then just file a support ticket and it will eventually hit my team.
If not, feel free to file a bug here and attach Kibana verbose logs and HAR file (please remove any sensitive info from there first) and tag me @azasypkin.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.