A few users reported that after a period of time, they lost session in kibana and has no access to the indexes. In the past it was easy to detect because it appeared a letter “U”. But now, the “RW” is still present. The only indication is the fact that in “logged in” is empty:
Is it possible to redirect the users to the login page?
Hello Gustavo, interesting bug! If the session is invalid, the session probe mechanism should detect and redirect (eventually, depends on what’s the session probe interval configured in kibana.yml), but you do have a point when you say that whenever the UI rendering finds out the identity object is inconsistent, there should be a redirect to /logout → /login.
Based on our current implementation, the session problem mechanism seems to be functioning correctly in detecting a different and refreshed page. However, I am puzzled as to why users are losing their sessions and there is missing metadata. Although we could enhance the session problem mechanism to identify when the username is missing and perform a logout action, it seems like the root cause of the problem lies elsewhere.
It is happening for a long time. But in the past, in the top corner instead of “RW” it showed “U” so the users could easily detect the issue and logout & login. With the latest version of ROR, that stop happening and now the users has no tip that they lost session.
Unfortunately, this task was not included in the latest release. However, we will fix it in the upcoming release. Before resorting to logout, I’d like to understand why the user lost their session in Kibana. This behavior is unexpected and could be due to a bug or incorrect configuration. Could you send me the kibana and readonlyrest configurations via private message on the forum? Additionally, if you have any Kibana/ES logs when the logout occurred, please share those as well. Thank you.