HTTP 302 loop - ERR_TOO_MANY_REDIRECTS #10335
Comments
nellicus
added
the
bug
|
Hello,
199.203.151.53 - - [16/Feb/2017:15:36:40 +0000] "GET /login?next=%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:40 +0000] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:40 +0000] "GET /login?next=%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:41 +0000] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:41 +0000] "GET /login?next=%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:41 +0000] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:41 +0000] "GET /login?next=%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:42 +0000] "GET / HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
199.203.151.53 - - [16/Feb/2017:15:36:42 +0000] "GET /login?next=%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" "-"
|
|
After installing x-pack I changed the password of an existing user, "Kibana User" and since I did it, I cannot access to my app. When I uninstall the X-Pack I can access as always, but reinstall the plugin and the problem came back. |
|
Can confirm, that forward loop started after changing the default password for Running in docker, behind a reverse proxy. $ docker version
Server:
Version: 1.13.0
API version: 1.25
Go version: go1.7.3
Git commit: 49bf474
Built: Tue Jan 17 09:58:26 2017
OS/Arch: linux/amd64Image: |
|
In fact, changing the passwords back to I just executed: POST _xpack/security/user/elastic/_password
{
"password": "changeme"
} |
|
Can you check your cookies to see if you have multiple cookies for the domain? |
|
I had the same issue with Kibana 5.3.0. It seems if you change the default passwords you need to give kibana a password it can use to talk to the ES cluster in kibana.yml: elasticsearch.username: "kibana" after doing this it seems to work. not sure why it can't just use the credentials provided in the web interface when you log in though. maybe someone can clarify? |
|
Usually what causes this is having multiple cookies for the same "domain" and "name", but with different values for "path". If you open the developer tools in Chrome, then click on the Application tab, then expand the Cookies section, and click on the domain, do you have multiple cookies with the name "sid"? If so, you can fix this issue by clearing all of them. |
|
@lukasolson After kibana didn't work any more, I openend it in a new browser (Safari) where I never used this instance of kibana before. Got the same issue there too. |
|
Also seeing this on 5.1.1. Cleared browser cache, used different browsers |
|
Same issue here. |
|
{"type":"log","@timestamp":"2017-05-27T09:45:56Z","tags":["warning","elasticsearch","admin"],"pid":19343,"message":"No living connections"} For me, this error caused 302 loop. |
|
If it's helpful at all, this issue occurred to me when using 2 elastic search nodes. When I just had 1 the error stopped. Here is the working docker-compose.yaml I ended up with: |
|
one seemingly workaround is using http://domain:port/login?next=/login |
|
This bug appeared when I add |
|
I am having this issue as well. I use Chrome usually and have been testing with Incognito mode to avoid issues with cookies but that does not resolve the issue. I am using version 5.4.1 of everything. @lukasolson just to be sure, I tried your suggestion and see no cookies. |
|
same as @chrowe |
|
My issue was solved by https://discuss.elastic.co/t/cant-access-kibana-after-changing-password/90701/2 This is the same solution as #10335 (comment) |
|
Has something changed in 5.4.3 that would fix this? After chrowe/docker-elk@8bf9c62 I was able to just change the password in the Kibana GUI and did not have this issue. |
|
closing as per the above |
nellicus
removed
the
bug
|
@nellicus which do you mean? |
|
This is still an issue in elasticsearch 5.5.1. |
|
6.7 - still happens! |
|
We manually patched Kibana 5.5.3 to fix this problem, here is the patch just in case anyone else finds it useful: diff --git a/src/server/config/schema.js b/src/server/config/schema.js
index e49033f4..f23d195b 100644
--- a/src/server/config/schema.js
+++ b/src/server/config/schema.js
@@ -59,7 +59,9 @@ module.exports = () => _joi2.default.object({
uuid: _joi2.default.string().guid().default(),
name: _joi2.default.string().default(_os2.default.hostname()),
host: _joi2.default.string().hostname().default('localhost'),
+ address: _joi2.default.string().hostname().default('localhost'),
port: _joi2.default.number().default(5601),
+ uri: _joi2.default.string(),
maxPayloadBytes: _joi2.default.number().default(1048576),
autoListen: _joi2.default.boolean().default(true),
defaultRoute: _joi2.default.string().default('/app/kibana').regex(/^\//, `start with a slash`),
diff --git a/src/server/http/setup_connection.js b/src/server/http/setup_connection.js
index cbb522f6..2bc98e83 100644
--- a/src/server/http/setup_connection.js
+++ b/src/server/http/setup_connection.js
@@ -10,10 +10,14 @@ exports.default = function (kbnServer, server, config) {
// this mixin is used outside of the kbn server, so it MUST work without a full kbnServer object.
kbnServer = null;
+ const address = config.get('server.address');
+ const uri = config.get('server.uri');
const host = config.get('server.host');
const port = config.get('server.port');
const connectionOptions = {
+ address,
+ uri,
host,
port,
state: {And, In # Tell kibana to bind to all network addresses
server.address: "0.0.0.0"
server.host: "mykibana.com"
server.port: 5601
# This is what gets used to build redirect URIs
server.uri: "https://mykibana.com" |
|
This issue appeared when I deleted all the elasticsearch indexes with |
|
7.10.1 - The issue is still present ... 🤔 |
|
Is there any fix for this. I am using OpenVidu -- https://s3-eu-west-1.amazonaws.com/aws.openvidu.io/install_openvidu_pro_2.17.0.sh and the docker-compose.yml file is using the kibana and elastic search services, but when i try to connect to kibana I get the error message "Too many redirects" |
|
The error still persists in version 7.14.1. Reproducible via latest docker image by setting SERVER_BASEPATH env variable. |
Kibana version:
5.2.0
Elasticsearch version:
N/A
Server OS version:
Debian
Browser version:
curl
Browser OS version:
Debian 7
Original install method (e.g. download page, yum, from source, etc.):
tar.gz
Description of the problem including expected versus actual behavior:
Kibana expose 302 loop when ES is unreachable
Steps to reproduce:
configure Kibana to connect to imaginary cluster as per default docs
Errors in browser console (if relevant):
ERR_TOO_MANY_REDIRECTS
Provide logs and/or server output (if relevant):
The text was updated successfully, but these errors were encountered: