hi,
i’m using es 6.1.1 + kibana 6.1.1 + readonlyrest_kbn@1.16.27 (ent)
the ror-es pluging version is 1.16.18
(i cannot copy+paste from real env so i typed it all. i hope there aren’t too many mistakes)
the readonlyrest.yml looks like :
enable: true
response_if_req_forbidden: ...
audit_collector: true
prompt_for_basic_auth: false
access_control_rules:
- name: "::KIBANA::"
auth_key: kibana:kibana
verbosity: error
- name: "::RO::"
auth_key: ro:dev
kibana_access: ro
indices: [".kibana*"]
verbosity: error
- name: "::RW::"
auth_key: rw:dev
kibana_access: rw
indices: [".kibana*", "*"]
verbosity: error
- name: "::ADMIN::"
auth_key: admin:dev
kibana_access: admin
- name: "::WEBSITE SEARCH BOX::"
indices: ["public"]
actions: ["indices:data/read/*"]
{
couple of blocks of applications users
that authenticate using ldap. they looks like :
- name: "application 1"
verbosity: error
type: allow
ldap_auth:
name: "ldap1"
groups: ["group1"]
indices: ["ind1*",".kibana*"]
actions: [....]
kibana_hide_apps: ["readonlyrest_kbn"]
}
on chrome , when i’m trying to login using kibana (user is ldap authenticate) i get :
could not login: "server error: 404 - for
get
http://<SERVERNAME>:9200/_readonlyrest/metadata/current_user
headers: {\"authorization\":\"basic
....\"}"
on firefox i get :
{“statuscode”:400,“error”:“bad request”,“message”:“request must contain a kbn-xsrf header”}
when i’m using a command line with the same user+pw like :
curl -u <user>:<pw> http://<server>:9200/...
everything is ok
please advise