I have implemented LDAP authentication using ROR file. When i try to apply filters to index it starts giving me error. Save object is missing or unable to load dashboard id.
if i donot apply filter it works fine.
I want to apply the user_id filter to ldap block but its not working if i change the order of blocks moving filter block first then it will start giving error dashboard missing or saved object not found
I am sucessfully ab le to login via ldap this is the error i am getting in Kibana.
[error][readonlyrest_kbn:onPreResponse] got an error [404] Not Found for path /k/plugins/readonlyrest_kbn/css/armata_montserrat_font.css
log [12:29:32.167] [error][readonlyrest_kbn:onPreResponse] index not found, will return the useful error.
log [12:29:40.021] [info][readonlyrest_kbn:extractIdentity] asked for group undefined
log [12:29:41.510] [info][readonlyrest_kbn:enrichFromEs] received identity payload: {“x-ror-username":"user@abc.com”,“x-ror-kibana-hidden-apps”:[“kibana:dev_tools”,“kibana:management”,“readonlyrest_kbn”,“timelion”],“x-ror-kibana_access”:“ro”}
Remember the ACL blocks are evaluated from top to bottom, one by one.
LDAP_B2 block has no indices rule, so this block will match and the filter will be applied even when the user “abc@abc.com” reads from “.kibana” index. This is why the savedObjects API - which writes and reads documents from “.kibana” - fails.
Make sure the LDAP_B2 has an indices rule, to limit the filter application to data indices exclusively (i.e. “account_*”), leaving the access to “.kibana” unfiltered.
Hi,
There is no identation issue actually when i paste code here it occurs. Only problem which i am facing is when i apply filter to document it wont work in kibana for DLS
this issue has been fixed in the newest pre release. And we also have a brand new filter rule that does not require you to install ROR in all the Elasticsearch nodes in your cluster, but only the ones you connect Kibana to.
Is this happening while using the latest plugin that I linked to you?
Also, please have a look at elasticsearch logs, try to find any errors, and the “ALLOWED” log line with the same timestamp corresponding to when you see “index not found, will return the useful error”.
Also, can you please attach the full sanitized YAML file? I mean as an attachment.
Hi this is my YML file. Yes i have used the latest plugin i shared. Not working for me.
What i have done i have downloaded older version of ELK plus ROR plugin it stared working with the same YML i shared with you.
Might be i am missing some settings with new versions.
The extra block that contains the filter rule needs to be BEFORE the regular one. As I said, the ACL is evaluated top to bottom, so the incoming search requests find first the filtered block, and all other requests will be matched by the regular block, right after the filter one.
I found the same mistake also in the other user’s block…