I was looking at trying to share access to my Dashboard via the provided iFrame code, and when I place the iFrame into my html page it its my kibana instance but... it fails to let me log in and see my dashboard, is there another step I need to do to get this configuration working? Or can this not work?
Have you tried setting up anonymous access?
Thank you for your input here, I have a couple of questions:
- Once I set up the anonymous user, how do use that user? The iFrame still wants me to log in but that user doesn't have a password? Is there some configuration I need beyond that?
- How can I prevent the anonymous user from being used by someone else to access other dashboards/data beyond what I am hosting in my iFrame? I am assuming there is some way to tie it to the iFrame?
I appreciate the assistance here thank you!
I did find these pages:
Both of which seemed helpful, I was attempting to use the
technique mixed with configuring kibana.yml for a credential based login of an anonymous user. If I am not mistaken this doesn't require any configuration other than to create the user on the Elasticsearch side.
But this had some weird outcomes:
- First it made it so that it completely eliminated logging in so I had to add a basic auth section in above that in the order and indicate that
- Once I did that it didn't just default to logging me in as the "anonymous" user and would let me again log in as any user I wanted but, now when I tried to go to my iFrame it would just load over and over again, alternating between the "welcome to elastic/authenticating" and "loading elastic" screens but never make it to my dashboard.
First it made it so that it completely eliminated logging in so I had to add a basic auth section in above that in the order and indicate that
Yes, if your
kibana.yml started with no configuration for
xpack.security.authc.providers, then we default it to use the
basic auth provider. However, once you configure this with one or more entries, we no longer include the
basic auth provider by default, so you have to add it in if you still want to use it.
when I tried to go to my iFrame it would just load over and over again, alternating between the "welcome to elastic/authenticating" and "loading elastic" screens but never make it to my dashboard
This sounds like the browser isn't setting Kibana's session cookie correctly. I have a couple of followup questions for you:
- Just double checking this, did you configure Kibana to not require same-site cookies? This is done by setting
xpack.security.sameSiteCookies: "None", as described in the
Embedding a dashboard docs.
- What browser are you using? Safari is especially problematic here, but you could have this happen in any private browsing session: User cannot open Kibana in private browsing with cookies blocked · Issue #41444 · elastic/kibana · GitHub. There's not much that Kibana can do in this scenario, as the browser is explicitly forbidding us from setting these cross-origin cookies. Without these cookies, Kibana simply can't authenticate or authorize you.
If the same-site cookie config doesn't fix your problem, can you post your full
kibana.yml file, but redact any sensitive information such as URLs, usernames, and passwords?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.