SG Kibana Plugin Login Form AND HTTP Authentication

Hey there,

I just installed Search Guard and the Kibana Plugin. To properly use it, I got only one issue remaining:

I have to automatically log in a user via HTTP authentication, e.g.
http://user:password@localhost

Right now, I am only getting to the login screen (which is great, but I want the URL thing to be an alternative way to log in).

Is this possible? To have the login screen AND accept login requests via a URL?

I hope you get what I am saying.

There’s already a feature request for this:

https://github.com/floragunncom/search-guard-kibana-plugin/issues/37

However, we have not decided whether to implement this or not. All major browsers have stopped supporting the user:pass@host syntax, for obvious security reasons. We also think that supporting it would open up all kinds of security leaks. If we decide to implement it, you will probably need to enable this feature explicitly in kibana.yml.

In any case, the target version for this feature will be Search Guard 6.

On Thursday, August 17, 2017 at 3:34:47 PM UTC+2, Marvin Berger wrote:

Hey there,

I just installed Search Guard and the Kibana Plugin. To properly use it, I got only one issue remaining:

I have to automatically log in a user via HTTP authentication, e.g.
http://user:password@localhost

Right now, I am only getting to the login screen (which is great, but I want the URL thing to be an alternative way to log in).

Is this possible? To have the login screen AND accept login requests via a URL?

I hope you get what I am saying.

That’s a shame. As I read in the issue, it is not possible to just pass the username/password combination via POST to a specific URL?
Is there any other way to auto-login someone?

In our system, a simple read-only user should be logged in automatically when Kibana is opened via our application.

On Thursday, August 17, 2017 at 3:47:48 PM UTC+2, Jochen Kressin wrote:

There’s already a feature request for this:

https://github.com/floragunncom/search-guard-kibana-plugin/issues/37

However, we have not decided whether to implement this or not. All major browsers have stopped supporting the user:pass@host syntax, for obvious security reasons. We also think that supporting it would open up all kinds of security leaks. If we decide to implement it, you will probably need to enable this feature explicitly in kibana.yml.

In any case, the target version for this feature will be Search Guard 6.

Is there any workaround?

I don’t think there’s a workaround at the moment. All major browsers stopped support for it a while ago, for security reasons. Before that, browsers would automatically transform a URL in the format user:pass@host to HTTP Basic authentication, meaning they would add the respective Basic Auth HTTP headers automatically. Without browser support for it, we would need to re-implement it in the Kibana plugin. So, unfortunately, you would need to wait until this feature is implemented, or issue a PR for it.
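
The transformation described in the reply above, as an added example for Node.js that is not part of the original post and is not Search Guard or Kibana code. The host, port, user name and password are constructed sample values; the function names are hypothetical.

```javascript
// Added illustration only. URL and Buffer are Node.js globals.

// Userinfo stays percent-encoded in a parsed URL; decode it defensively.
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch (e) { return s; }
}

// What browsers used to do: lift user:pass out of the URL and send it
// as an "Authorization: Basic ..." header on the request instead.
function userinfoToBasic(rawUrl) {
  const url = new URL(rawUrl);
  if (!url.username && !url.password) {
    return { requestUrl: url.href, authorization: null };
  }
  const user = safeDecode(url.username);
  const pass = safeDecode(url.password);
  const token = Buffer.from(`${user}:${pass}`, 'utf8').toString('base64');
  url.username = '';
  url.password = '';
  return { requestUrl: url.href, authorization: `Basic ${token}` };
}

// Basic is an encoding, not encryption: whoever sees the header
// (or the original URL) recovers the password directly.
function decodeBasic(header) {
  const m = /^Basic\s+([A-Za-z0-9+/=]+)$/.exec(header || '');
  if (!m) return null;
  const text = Buffer.from(m[1], 'base64').toString('utf8');
  const i = text.indexOf(':'); // only the first ':' separates user from password
  return i < 0 ? null : { user: text.slice(0, i), pass: text.slice(i + 1) };
}

// Scrub userinfo before a URL is written to a log or error message.
function redactUrl(rawUrl) {
  const url = new URL(rawUrl);
  if (url.username || url.password) {
    url.username = 'REDACTED';
    url.password = '';
  }
  return url.href;
}

// Constructed sample: the password "s3cr@t:pw" is percent-encoded in the URL.
const SAMPLE_URL = 'http://kibana_ro:s3cr%40t%3Apw@localhost:5601/app/kibana';
```

Because the credentials are part of the URL string itself, they end up wherever the URL is stored or displayed, which is why `redactUrl` is applied before logging.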

On Friday, August 18, 2017 at 11:13:41 AM UTC+2, Marvin Berger wrote:

Is there any workaround?

I don’t know why I didn’t think of this solution sooner.
Our application uses the Windows.Forms.WebBrowser control, and after a bit of reading, I came up with code which will fill in the form and submit it automatically. This way, our users don’t have to log in manually and the user/password combination isn’t written into the URL. Only one problem remains: when I fill in the form automatically, I get this error after submitting the form:

Are there any JS functions, which would prevent that?

Thank you for your help so far!

On Friday, August 18, 2017 at 10:16:43 PM UTC+2, Jochen Kressin wrote:

I don’t think there’s a workaround at the moment. All major browsers stopped support for it a while ago, for security reasons. Before that, browsers would automatically transform a URL in the format user:pass@host to HTTP Basic authentication, meaning they would add the respective Basic Auth HTTP headers automatically. Without browser support for it, we would need to re-implement it in the Kibana plugin. So, unfortunately, you would need to wait until this feature is implemented, or issue a PR for it.
