Problem with whitelistedPaths


#1

Hi,

I have the following kibana.yaml:

---
elasticsearch.password: xxx
elasticsearch.ssl.verificationMode: none
elasticsearch.url: https://xxx:9200
elasticsearch.username: xxx
readonlyrest_kbn.whitelistedPaths: [".*/api/status$"]
server.host: 198.19.0.2
server.port: '5601'
server.ssl.certificate: "/etc/kibana/kibana.cert"
server.ssl.enabled: true
server.ssl.key: "/etc/kibana/kibana.key"
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: true
xpack.security.enabled: false
xpack.watcher.enabled: false

curl -v -k https://198.19.0.2:5601/api/status

gives:

< HTTP/1.1 302 Found
< location: /login
< kbn-name: kibana
< kbn-xpack-sig: xxx
< content-type: text/html; charset=utf-8
< cache-control: no-cache
< content-length: 27
< connection: close
< Date: Tue, 12 Feb 2019 09:40:47 GMT
<
* Closing connection 0
You are being redirected...

With the following line in the logs:

Feb 12 09:40:47 xxx kibana: {"type":"response","@timestamp":"2019-02-12T09:40:47Z","tags":[],"pid":28504,"method":"get","statusCode":302,"req":{"url":"/api/status","method":"get","headers":{"user-agent":"curl/7.29.0","host":"198.19.0.2:5601","accept":"*/*"},"remoteAddress":"198.19.0.2","userAgent":"198.19.0.2"},"res":{"statusCode":302,"responseTime":3,"contentLength":9},"message":"GET /api/status 302 3ms - 9.0B"}

I’ve tried several variations for the regexp, but I always get the redirect to /login.

Any ideas what could be wrong?

kind regards,
Kristof


(Simone Scarduzio) #2

Yep just verified “whitelistedPaths” does not work anymore after we fixed the “cookiePass”. Adding this to the back log


(Ravikanth) #3

Simone,

is this a breakage in the 1.16.34?

This is very important for the Load Balancers to work. if possible can this be prioritized?

Thanks,
Ravikanth


(Simone Scarduzio) #4

@ravjanga, we have an engineer on this regression right now. No worries :slight_smile: