we are using readonlyrest 1.16.33 on ES 6.5.4, with an LDAP backend, and have noticed an odd behavior where the user’s Kibana session suddenly switches to that of the Kibana server user, under certain conditions. For example:
- ldap user logs on to Kibana
- chooses the Monitoring tab on the left hand pane
- he then chooses a different role via the multi-tenancy drop-down at the top left; note that the chosen role has no access to the Monitoring tab - it is hidden
4.the user’s Kibana session is then switched to the Kibana server session
We have since tried upgrading to 1.16.34 in the hope that would fix the issue. It did not.
How can we solve the issue?