Kibana enterprise user here (kibana 7.8.1/Ror Enterprise 1.27.1).
Sometimes, after inactivity, when users go back on Kibana, they get redirected to “Something went wrong” with an error message stating that “username” is undefined.
It only appears if user is connected through OIDC.The “clear session” button does nothing (yet page reloads, same error message appears). The only way to escape is to remove cookie rorCookie_oidc_kc, then reload the page to correctly get redirected to /login.
From the timings, It seems that this can either be related to :
- browser being suspended long enough for the OIDC session to expire but rorCookie_oidc_kc is kept (for example, login to kibana, suspend system while keeping browser running, wait more than OIDC Session timeout, try to navigate in kibana )
- browser being suspended long enough for the rorCookie to expire but not rorCookie_oidc_kc (which is session scoped) (same operation as previous hypothesis, just different timing).
- Or maybe another combination of timeouts between rorCookie/rorCookie_oidc_kc/OIDC session?
I’ve tried (using firefox dev tools) to remove rorCookie (like it expired) while keeping rorCookie_oidc_kc : I get almost the same behavior, only error message is different (identify is undefined).
I’ve not yet found any ways to reproduce the exact same behavior on a regular basis. (“Natural” occurrences are sporadic, hence it’s hard to debug)
Do you have any ideas of what could be wrong there?