Hi
I have set up SAML authentication for Kibana and Elasticsearch, and set the cookie lifetime and session timeout to 36000000 msec (10 hours). However, what I’m finding is that after an hour of inactivity, my Kibana session stops working and I get two error messages:
Request timeout after 30000ms
Visualize: Request timeout after 30000ms
If I do a reload of that tab, I get the SAML logon page. I’ve checked the cookies in the browser, and I the Searchguard cookie is present and has the correct lifetime.
At the time of the error, I get the following in kibana.log
{“type”:“error”,“@timestamp”:“2018-09-10T10:45:53+01:00”,“tags”:[“warning”,“process”],“pid”:1349,“level”:“error”,“error”:{“message”:"Unhandled
promise rejection (rejection id: 204): Error: Cannot provide statusCode or
message with boom
error",“name”:“UnhandledPromiseRejectionWarning”,“stack”:"Error: Cannot
provide statusCode or message with boom error\n at Object.exports.assert
(/usr/share/kibana/plugins/searchguard/node_modules/hoek/lib/index.js:740:11)\n
at Object.exports.wrap
(/usr/share/kibana/plugins/searchguard/node_modules/boom/lib/index.js:96:10)\n
at Object.internals.create
(/usr/share/kibana/plugins/searchguard/node_modules/boom/lib/index.js:115:24)\n
at Object.exports.forbidden
(/usr/share/kibana/plugins/searchguard/node_modules/boom/lib/index.js:272:22)\n
at /usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:179:47\n
at next (native)\n at step
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:191)\n
at /usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:437\n
at /usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:99\n
at server.auth.test
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:160:17)\n
at transfer (/usr/share/kibana/node_modules/hapi/lib/auth.js:92:16)\n at
Function.wrapped (/usr/share/kibana/node_modules/hoek/lib/index.js:875:20)\n
at Function.internals.response
(/usr/share/kibana/node_modules/hapi/lib/reply.js:138:14)\n at reply
(/usr/share/kibana/node_modules/hapi/lib/reply.js:70:22)\n at
unauthenticated
(/usr/share/kibana/plugins/searchguard/node_modules/hapi-auth-cookie/lib/index.js:169:28)\n
at
/usr/share/kibana/plugins/searchguard/node_modules/hapi-auth-cookie/lib/index.js:142:32\n
at Object.
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:233:24)\n
at next (native)\n at step
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:191)\n
at /usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:437\n
at Object.
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:23:99)\n
at Object.validate [as validateFunc]
(/usr/share/kibana/plugins/searchguard/lib/auth/types/AuthType.js:211:13)"},“message”:"Unhandled
promise rejection (rejection id: 204): Error: Cannot provide statusCode or
message with boom error"}
Any idea what this might be?
-
Search Guard and Elasticsearch version: ES 6.2.4, SearchGuard 6.2.4-23-14
-
Installed and used enterprise modules, if any: SAML
-
JVM version and operating system version: Ubuntu 14.04.3 LTS. Oracle Java 1.8.0_60-b27
-
Search Guard configuration files: kibana.yml attached
-
Elasticsearch log messages on debug level
-
Other installed Elasticsearch or Kibana plugins, if any: x-pack
Regards
Max
kibana.yml (5.44 KB)