Have no popup basic auth window

Users Feedback
1

Guys, please help me to understand what am I doing wrong. I’ve set up elasticsearch and kibana, I can login with curl to both, but from browser I expect to see or a special login page, or basic auth popup page, but I see only 401 (or 403) depends on prompt_for_basic_auth…

Elasticsearch, Kibana and plugin version is 7.10.1 free

elasticsearch.yml
cluster.name: ES
node.name: es-node-1
network.host: 10.0.0.21
http.port: 9200
discovery.seed_hosts: ["10.0.0.22", "10.0.0.23", "10.0.0.24"]
cluster.initial_master_nodes: ["10.0.0.21", "10.0.0.22", "10.0.0.23", "10.0.0.24"]
path.data: /mnt/data/elasticsearch
path.logs: /var/log/elasticsearch
path.repo: /mnt/data/elasticsearch/snapshot
bootstrap.memory_lock: true
action.destructive_requires_name: true
script.painless.regex.enabled: true
xpack.security.enabled: false

readonlyrest.yml (basic one from documentation)
readonlyrest:
  audit_collector: true
  access_control_rules:
   - name: KIBANA_SERVER
     auth_key: kibana:kibana
     verbosity: error
   - name: PERSONAL_GRP
     groups: [ Personal ]
     kibana_access: rw
     kibana_hide_apps: [readonlyrest_kbn, timelion]
     kibana_index: '.kibana_@{user}'
     verbosity: error
   - name: ADMIN_GRP
     groups: [Administrators]
     kibana_access: admin
     verbosity: error
   - name: Infosec
     groups: [ Infosec ]
     kibana_access: rw
     kibana_hide_apps: [ readonlyrest_kbn, timelion]
     kibana_index: .kibana_infosec
     verbosity: error
  users:
  - username: admin
    auth_key: admin:passwd
    groups: [Administrators, Infosec]
  - username: user1
    auth_key: user1:passwd
    groups: [Administrators, Personal, Infosec]

kibana.yml
server.port: 5601
xpack.security.enabled: false
xpack.monitoring.enabled: true
xpack.graph.enabled: false
xpack.reporting.enabled: false
logging.json: false
server.host: "localhost" (or 0.0.0.0 doesn't matter)
server.name: "ES"
elasticsearch.hosts: ["http://10.0.0.21:9200", "http://10.0.0.22:9200", "http://10.0.0.23:9200", "http://10.0.0.24:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "kibana"
logging.dest: /var/log/kibana/kibana.log

What I see in browser (no popup windows to put creds):
{"statusCode":401,"error":"Unauthorized","message":"forbidden: Response Error"}

What I see in curl:
root@elastic-node-1:~# curl -I -u kibana:kibana localhost:5601
HTTP/1.1 302 Found
location: /spaces/enter

root@staging-elastic-node-1:~# curl -u kibana:kibana 10.10.10.201:9200/_cat/nodes
10.10.10.202 3 64 0 0.00 0.22 0.29 cdhilmrstw - es-node-2
10.10.10.201 4 69 1 0.10 0.25 0.24 cdhilmrstw * es-node-1
10.10.10.203 4 65 0 0.04 0.14 0.16 cdhilmrstw - es-node-3
10.10.10.204 2 64 0 0.01 0.14 0.16 cdhilmrstw - es-node-4

What am I doing wrong?

2

Do you have Free ROR Kibana plugin installed?

3

No I don’t have kibana plugin installed, just elasticsearch one, as it’s written in official documentation

4

You know, we are not able to control how Kibana reacts on ES ROR responses. This was one of reasons why we released Free ROR Kibana plugin. I think you should install it: Free - ReadonlyREST. When our plugin is installed on Kibana’s side, we can influence the default Kibana’s behaviour (in particular, handle cases like you described)

5

ROR Free for Kibana is not available yet for 7.10.1. We only have it available for up to 7.8.1.

We will release 7.9.x compatibility for ROR Enterprise Kibana plugins only initially, then for 7.10.x , and lastly we will release also ROR PRO and Free for 7.9 and 7.10

6

Seems the same situation as on - link

7

Thanks a lot for your help.

In my case it all worked after kibana downgrading to the version 7.8.1. Elasticsearch remains v. 7.10.1 with the ROR free plugin enabled with the same version. I didn’t set up kibana plugin - and HTTP basic auth popup window worked. After that I just installed ROR kibana plugin v7.8.1 and the difference is only that I see ROR login page instead of http basic auth popup window.

The case could be closed, once again thanks for your help.

1 Like