Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/api/index_patterns/_fields_for_wildcard returns 401 in Kibana 6.2.3 #17430

Closed
Salieri1969 opened this issue Mar 28, 2018 · 4 comments
Closed

/api/index_patterns/_fields_for_wildcard returns 401 in Kibana 6.2.3 #17430

Salieri1969 opened this issue Mar 28, 2018 · 4 comments

Comments

@Salieri1969
Copy link

Kibana version:6.2.3

Elasticsearch version:6.2.3

Server OS version:CentOS 7.1

Description of the problem including expected versus actual behavior:
When creates an index pattern in Kibana's management, it returns 401, and an Authentication Exception shows on the top of screen.

my ES running behind an nginx:

    server {
        listen       8080;
        location / {
            auth_basic "nginx basic http test for kibana";
            auth_basic_user_file htpasswd;
            autoindex on;
            proxy_pass http://localhost:8200/;
            proxy_http_version 1.1;
            proxy_set_header Connection "Keep-Alive";
            proxy_set_header Proxy-Connection "Keep-Alive";
        }
    }

Errors in browser console (if relevant):

Request URL: http://xxx:5601/api/index_patterns/_fields_for_wildcard?pattern=logstash-*&meta_fields=%5B%22_source%22%2C%22_id%22%2C%22_type%22%2C%22_index%22%2C%22_score%22%5D
Request Method: GET
Status Code: 401 Unauthorized

I think Kibana server dosen't send authorization header in some requests.
@chrisronline
Copy link
Contributor

This feels like a dup of #9583. What do you think @KPcoder?

@Salieri1969
Copy link
Author

@chrisronline so any final solution?

@chrisronline
Copy link
Contributor

Unfortunately, not right now. It's something we definitely want to fix so please feel free to add your use case to the other ticket or simply +1 it. I'm going to close this and lets move future conversations to the other ticket.

@vroyer
Copy link

vroyer commented May 10, 2018

Same issue for me, kibana 6.2.3 send POST _field_caps requests to elasticsearch 6.2.3 with no authentication header when creating a new index.

Kibana trace:

GET /api/index_patterns/_fields_for_wildcard?pattern=toto&meta_fields=_source&meta_fields=_id&meta_fields=_type&meta_fields=_index&meta_fields=_score 401 27ms - 9.0B

Kibana to elasticsearch request:

POST /toto/_field_caps?fields=*&ignore_unavailable=true&allow_no_indices=false HTTP/1.1
Host: localhost:9200
Content-Length: 0
Connection: keep-alive

If kibana 6.2.3 works with Elasticsearch X-Pack security enabled, this means there is a security breach somewhere ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrisronline @vroyer @Salieri1969