elastic/azure-marketplace

kibana get 401 Unauthorized

oukiyoshi opened this issue · 1 comments

oukiyoshi commented
  1. when i open browser and request kibana. i have received error message :
    {"statusCode":401,"error":"Unauthorized","message":"missing authentication credentials for REST request [/.kibana7/_doc/space%3Adefault]: security_exception"}
    but if i refresh browser many times , mabey reponse interface kibana login.
    i can get info by curl like:
curl https://localhost:9200/?pretty  -k --user kibana_system


{
  "name" : "es-01",
  "cluster_name" : "es-data",
  "cluster_uuid" : "gxxxxxxxxxxx",
  "version" : {
    "number" : "7.10.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "5xxxxxxxxxxxxxxx",
    "build_date" : "2020-11xxxxxxxxxxxx",
    "build_snapshot" : false,
    "lucene_version" : "8.7.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

elasticsearch.yml

cluster.name: xxx
node.name: xxx
node.master: true
node.data: false
network.host: 0.0.0.0
http.port: 9200
http.cors.enabled: true
http.cors.allow-origin: "*"
transport.tcp.port: 9300
discovery.seed_hosts: ["es-01","es-02","es-03","master-01","master-02","master-03"]
path.data: xxxxxxxxx
path.logs: xxxxxxxxxxxxx
path.repo: ["xxxxxxxxxxxx"]
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-stack-ca.p12
bootstrap.memory_lock: false
bootstrap.system_call_filter: false
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/elastic-stack-ca.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/elastic-stack-ca.p12

kibana.yml

server.port: 5601
server.name: "xxxx"
elasticsearch.hosts: ["https://xxxxxxxx:9200","https://xxxxxxx:9200","https://xxxxxxxx:9200"]
kibana.index: ".kibana7"
elasticsearch.username: "kibana_system"
elasticsearch.password: "xxxxxxxxxx"
elasticsearch.ssl.key: /etc/kibana/client.key
elasticsearch.ssl.certificateAuthorities: [ "/etc/kibana/client.cer" ]
elasticsearch.ssl.verificationMode: certificate
elasticsearch.requestTimeout: 900000
logging.dest: /var/log/kibana.log
logging.verbose: true
xpack.security.enabled: 'true'
xpack.encryptedSavedObjects.encryptionKey: 'fxxxxxxxxxxxxxxxxxxd'
xpack.security.session.lifespan: "7d"
xpack.security.session.idleTimeout: "30h"
  1. when i request something on kibana it may get 301 and turn to logout with SESSION_EXPIRED . it occurred randomly . mabey 2minutes later mabey 1 second
    http://kibana:5601/logout?msg=SESSION_EXPIRED&next=%2Fappxxxxxxxxxxxxxxxxxxx
russcam commented

Hi @oukiyoshi, this doesn't sound like a specific problem with the Azure Resource Manager template deployment, but a more general authentication question. The elasticsearch and kibana configuration files are quite different to what the template deploys- there are some additional entries and existing entries that have been modified from what the template configures.

I think this kind of question would be better asked on the Discuss forums at https://discuss.elastic.co/c/elastic-stack/81.