Issue while accessing Kibana through CF

mahlimo · May 26, 2023, 2:34pm

Hi,

I’m trying to debug a problem and I may need a hint to where to look to find a fix.

We are accessing Kibana through Cloudflare → LB → Kibana (one instance), this setup is working perfectly with the current 7.8 cluster.
However I’m now testing 1.48+8.7.1, and with the exact same setup as before I cannot log and get a CSFR error (credential are correct). If I access Kibana directly through an SSH tunnel it works and I can login.

Having a look at what is going on with the Chrome inspector, the only thing I see is that when I’m going through Cloudflare, the call providing the script login_tpl_defer.js is not setting any Cookie in the Kibana answer, where on a direct access I can see a __Host-ror.x-csrf-token cookie set.

On the network side their are telling me that they are not doing anything with the cookies.

Any idea who can cause this issue?

Dzuming · May 27, 2023, 5:37am

Hi,

The only case I can see, for now, that could prevent cookie set is accessing the page over HTTP when kibana.yml server.ssl.enabled: true. In this case, the cookie won’t be set in the browser (I assume that the __Host-ror.x-csrf-token is unavailable in the browser cookies). If not, could you send me your kibana.yml config and the information about the request and response, like on the screen below? (you can send them as a private message on the forum)

mahlimo · June 2, 2023, 10:49am

After a couple of debugging it seems that you have to disable all caching on CF to allow the cookie to be set.