searchguard.session.ttl seems not working in 6.5.4 Kibana.

Hey @Mike,

Thanks for the explanation! This behaviour of Dev Tools was quite a mystery. Please let me know if there are any plans in the future to change this.

I happened to notice these two things as well -

  1. If we are on dashboard or other static page and remain inactive for ttl time, then after clicking on management page it does not prompt for re-login. After this, if we click on
    a) “Index Patterns” → it prompts for relogin
    b) “Saved Objects” → it prompts for relogin
    c) “Advanced Settings” → It DOES NOT prompt for relogin.

  2. As you suggested, I unchecked the settings under Autocomplete on Dev Tools page. With these changes, I noticed this -
    If we stay on any page (say Dashboard), remain inactive for ttl time & then switch to Dev Tools
    a) For the default query “GET _search” → it throws the error as “session expired”.
    b) For any other new queries I write → I do not get “session_expired” error or the query result. Instead, it shows the HTML page in the right-hand side of the window as shown in my previous comments.

Any suggestions?

Hi @shivani.aggarwal2195

First of all - Kibana 7.3 has a new setting which may be interesting to you. It allows you to turn off the autocomplete settings mentioned above:

  1. Kibana switches to “Advanced Settings” entirely in the frontend, meaning no requests are sent to the backend. As soon as you try to save the settings, you should get logged out though.

  2. That’s an interesting find! I just tested this and it seems like Kibana sets the content-type header differently based on the query. In this case we can’t detect that this is an XHR request, and in this case you get the HTML instead of the properly formatted message. I’ve added an issue for myself and will investigate if we can catch this.

Thanks!