Unable to connect Kibana to elasticsearch after install ReadonlyRest in elasticsearch only

sivab · March 1, 2024, 3:21pm

Hi,
We have installed ReadonlyRest plugin v8.2.3 in elasticsearch only to secure elasticsearch node. Then configured the elasticsearch.yml and readonlyrest.yml with one-way-ssl and basic auth.

Configured the kibana.yml to connect with elasticsearch. But, received errors as below and it seems Kibana is unable to connect to elasticsearch.

We had not installed Readonlyrest plugin in Kibana. However, receiving below errors in kibana logs.

Please let me know how to resolve this issue.

support security features, re-authentication is not possible (available: true, enabled: false).“,“log”:{“level”:“ERROR”,“logger”:“plugins.security.authentication”},“process”:{“pid”:22604},“trace”:{“id”:“e52027ba35a923caa7bd2236928de06c”},“transaction”:{“id”:“6125b4d3f3f4f433”}}
{“ecs”:{“version”:“8.0.0”},”@timestamp":“2024-03-01T13:46:57.690+00:00”,“message”:“Unable to navigate to space "default". ResponseError: forbidden: forbidden_response: [forbidden_response] Reason: forbidden”,“log”:{“level”:“ERROR”,“logger”:“plugins.spaces”},“process”:{“pid”:22604},“trace”:{“id”:“e52027ba35a923caa7bd2236928de06c”},“transaction”:{“id”:“6125b4d3f3f4f433”}}
{“ecs”:{“version”:“8.0.0”},“@timestamp”:“2024-03-01T13:46:57.748+00:00”,“message”:“License is not available or does not support security features, re-authentication is not possible (available: true, enabled: false).”,“log”:{“level”:“ERROR”,“logger”:“plugins.security.authentication”},“process”:{“pid”:22604},“trace”:{“id”:“8ccabbd8ca1626eb7431b3963826802f”},“transaction”:{“id”:“f7014cdc32f58e00”}}
{“ecs”:{“version”:“8.0.0”},“@timestamp”:“2024-03-01T13:46:57.748+00:00”,“message”:"Unable to navigate to space "default". ResponseError: forbidden: forbidden_response: [forbidden_response]

Thanks in advance.

Best Regards,
Siva.

coutoPL · March 1, 2024, 4:45pm

Hi @sivab

You have to install both plugins: ROR for ES and ROR for KBN (there is a Free version).

please let us know if your issue is fixed after doing that

sscarduzio · March 1, 2024, 10:40pm

@sivab go to Download
You need to download both Elasticsearch and Kibana plugins. The Elasticsearch plugin is entirely open source, and the Kibana one is a “universal” build.

“Universal” means it’s free to download and use for ever in its most basic form, but if you purchase some activation keys you can unlock PRO and Enterprise features.

Notable PRO features:

Add/remove users/groups without restarting the ES cluster
Customise look and feel

Notable Enterprise features:

Multi tenancy
SAML SSO and OIDC authentication/authorization
Kubernetes operator support

For any questions, please ask or email support@readonlyrest.com

sivab · March 2, 2024, 3:12am

Hi,
After install universal ROR plugin for Kibana received below error.

I had configure the below in the kibana.yml
readonlyrest_kbn.cookiePass: 123456789012345678901234567890abcde

Is the above cookiePass value got any issue ?

{“ecs”:{“version”:“8.0.0”},“@timestamp”:“2024-03-02T02:56:42.520+00:00”,“message”:“Cannot read properties of undefined (reading ‘readonlyrest_kbn’)”,“error”:{“message”:“Cannot read properties of undefined (reading ‘readonlyrest_kbn’)”,“type”:“TypeError”,“stack_trace”:"TypeError: Cannot read properties of undefined (reading ‘readonlyrest_kbn’)

FATAL TypeError: Cannot read properties of undefined (reading ‘readonlyrest_kbn’)

If I remove “readonlyrest_kbn.cookiePass” this property then received below error.

FATAL Error: [config validation of [readonlyrest_kbn].cookiePass]: expected value of type [string] but got [undefined]

How to get a valid free license key for “readonlyrest_kbn.cookiePass” ?

Best Regards,
Siva.

coutoPL · March 3, 2024, 8:17am

Do you confirm you followed the installation steps including the patching step too?

sivab · March 3, 2024, 1:36pm

Thanks. I had apply patch now.

I had configured the readonlyrest.yml as below.

readonlyrest:

prompt_for_basic_auth: false   

access_control_rules:

- name: "Require HTTP Basic Auth"
  type: allow
  auth_key: Administrator:manage  

- name: "::KIBANA-SRV::"
  auth_key: Administrator:manage
  
- name: "::ADMIN::"
  type: allow
  auth_key: admin_usr:dev
  indices: ["logstash-*"]
  kibana:
    access: admin

But, receiving error “wrong credentials” when try to login kibana console with user “admin_usr”.

Could let me know what could be the wrong.

Best Regards,
Sivab

coutoPL · March 3, 2024, 7:34pm

Your configuration is correct. I’ve checked using our ROR-Sanbox. You can check it here too. You can compare how it’s set up with your own one.