Skip Login page for kibana

shubhamverma27 · 2017-07-12 09:53:29 UTC

Hi, @sscarduzio @ld57
How to skip the login screen for kibana , and pass the credentials through Basic Authentication during POST request?
Like I want to share an Iframe link of Dashboard and want the user to call it through his application…
So I dont want the login page to appear again and want to pass the credentials from previous app…
I am using LDAP.

hijakk · 2017-07-14 19:15:11 UTC

This is interesting to me as well. At present I’ve disabled the Kibana plugin to avoid the login page when doing passthrough auth, but that doesn’t seem like the best solution.

sscarduzio · 2017-07-14 22:05:21 UTC

You need the Kibana plugin, you should make an HTTP call to the Kibana POST /login endpoint (with username and password), obtain the cookie in the response header, and then inject the iframe code in the page.

The alternative is modifying the Kibana plugin for reading credentials from the query parameters in the iframe embed code, which a) is not handy because you should edit manually each Kibana embed code. And b) you’d be copy-pasting around credentials.

Another option would be to implement an ACL in the Kibana plugin too, which is something that me and @ld57 have been talking about recently. This would unlock: user-specific url redirects and public url passthrough (like this).

hepamela · 2017-12-29 18:29:26 UTC

Hi simone, @sscarduzio
I am following this
"You need the Kibana plugin, you should make an HTTP call to the Kibana POST /login endpoint (with username and password), obtain the cookie in the response header, and then inject the iframe code in the page."

I’m trying to get the cookie in the response header but I got the error “Request must contain kbn-xsrf header”.
I’m doing a web service who calls a kibana iframe.
What can I do?

sscarduzio · 2018-01-02 15:47:33 UTC

The required value for that header is the kibana version i.e. “6.1.1”

hepamela · 2018-01-02 18:06:11 UTC

Simone I got this, but I have Internal server error.
What can I do with this?

sscarduzio · 2018-01-02 18:19:58 UTC

OK that’s progress, do you see errors in the Kibana logs?

hepamela · 2018-01-02 19:58:26 UTC

cannot read property ‘username’ @sscarduzio

TypeError: Uncaught error Cannot read property ‘username’ of null at login (/usr/share/kibana/plugins/readonlyrest_kbn/server/routes/lib/auth.js:6:956)

sscarduzio · 2018-01-02 22:05:56 UTC

yeah it’s because you are not passing the credentials to the API. Pass “username” and “password” fields via HTTP POST.

hepamela · 2018-01-03 20:58:27 UTC

Simone, I think this is my last question

We got the cookies (rorCookie and username), and now we’re trying to request the URL Iframe
but if we use GET it only appears “Loading Kibana” and If we use POST we come back to the login session.
If we send with the Url Iframe the cookies, headers and credentials, we got "status code: 404, error: ‘Not Found’.
What can we do now ?
And thanks for all, @sscarduzio .

sscarduzio · 2018-01-04 18:06:30 UTC

can you do this test:

get the embeddable graph URL
Run your ajax that logs in and gets the cookie
paste the embeddable graph url in the browser address bar and verify it works (without iframes)

Do this with the chrome dev tools open on the network tab, and see if some request ends up in error.
Also check the JS console tab for JS errors.