What I Want to Achieve
I pasted a Kibana dashboard's iframe code in my webapp, which works fine. I'm trying to skip the sign-in screen.
What I Have Tried
Since I already have the user's credentials in memory, I figured an AJAX call to /api/v1/auth/login before loading the embedded visualization should set the appropriate cookie and skip the sign-in screen.
The issue is, Kibana will only accept the request if it has a kbn-version header. But if I add a kbn-version header to the AJAX request, the pre-flight OPTIONS request fails with:
"CORS error: Some headers are not allowed"
I have tried adding kbn-version to some Hapi configuration settings such as server.cors.additionalHeaders, server.cors.headers, server.cors.exposedHeaders, and server.cors.additionalExposedHeaders but none of them seem to work.
This is my custom-kibana.yml file:
$ cat custom-kibana.yml
---
# Default Kibana configuration from kibana-docker.
server.name: kibana
server.host: "0"
server.cors : true
server.cors.origin: ['*']
server.cors.additionalHeaders: ['kbn-xsrf', 'kbn-version']
server.cors.headers: ["accept", "authorization", "content-type", "if-none-match", "origin", "kbn-xsrf", "kbn-version"]
server.cors.exposedHeaders: ["accept", "authorization", "content-type", "if-none-match", "origin", "kbn-xsrf", "kbn-version"]
server.cors.additionalExposedHeaders: ['kbn-xsrf', 'kbn-version']
# server.ssl.enabled: true
# server.ssl.key: kibana.pem
# server.ssl.certificate: kibana-key.pem
elasticsearch.url: https://localhost:9200
elasticsearch.ssl.verificationMode: none
elasticsearch.username: kibanaserver
elasticsearch.password: <pw>
elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opendistro_security.multitenancy.enabled: true
opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
opendistro_security.readonly_mode.roles: ["kibana_read_only"]
My Question
How do I skip the sign-in screen, either by solving the issue I encountered or in any other way.
Related
It works fine when I invoke the config server using curl -X GET http://localhost:8888/limits-service/dev -H "X-Config-Token: s.6S92v3OekCYEAWjp8unbt4ei"
But from the client microservice, upon invoking the config service http://localhost:8888/limits-service/dev how to pass the header. The following details are configured in the client microservice application.properties but gets 404 error.
spring.application.name=limits-service
spring.cloud.config.uri=http://localhost:8888/
spring.profiles.active=dev.
So how to pass X-Config-Token: s.6S92v3OekCYEAWjp8unbt4ei ?
This token can be provided within the client by setting spring.cloud.config.token in bootstrap.yml.
spring:
cloud:
config:
token: YourVaultToken
Oke so back to https://api-platform.com :)
So I currently have corsAllowOrigin: "*" #to allow all origins in my helm values file (as per docs). To make sure that the propper headers are bieng set on return values.
Now I would expect (as per docs) that the Access-Control-Allow-Origin: would now go to "*" however it goes to Access-Control-Allow-Origin: null. That's of course a bit annoying because it prevent react native apps of accessing the API.
Question here, is this a bug? Am I using the wrong values? Or overlooking something?
Sets .env file with:
###> nelmio/cors-bundle ###
CORS_ALLOW_ORIGIN=['*']
###< nelmio/cors-bundle ###
By default, API Platform uses nelmio cors and the default config use the environment variable CORS_ALLOW_ORIGIN.
With that you can allow any url with this config in your .env (or .env.local) with CORS_ALLOW_ORIGIN=^https?://.*?$
As the others have said, CORS is handled by nelmio/cors-bundle. If you don't wish to modify env files, the actual package configuration for it is documented on its GitHub page https://github.com/nelmio/NelmioCorsBundle.
The configuration you'd want to modify is the allow_origin configuration, which can have a default value or can be configured based on the path of the current request. Pretty neat.
In config/packages/nelmio_cors.yaml:
nelmio_cors:
defaults:
...
allow_origin: []
...
paths:
'^/api/':
...
allow_origin: ['*']
...
'^/':
...
allow_origin: ['^http://localhost:[0-9]+']
...
I use webpack-dev-server on my project.
Project uses Spring boot + Tiles + Vue + webpack.
Environment:
OS: Mac OS
Node Version: 9.4.0
NPM Version: 5.6.0
Webpack Version: 4.25.1
webpack-dev-server Version: 3.1.10
In local environment, FE port use 8080 and webpack-dev-server port is 9090.
Bundled files by webpack are created in /front/static-dev/build/.
So, I use proxy options like below.
devServer: {
publicPath: 'http://localhost:9090/front/static-dev/build/',
port: 9090,
proxy: {
'/**': {
target: 'http://localhost:8080',
secure: false,
changeOrigin: true
}
},
open: true
}
After starting webpack-dev-server, static resources like (JSP, bundled js files, CSS files or image, ...) are loaded normally. However, whenever I request some api, webpack-dev-server occured same error. Error logs are like below.
[HPM] Error occurred while trying to proxy
request /api/v1/users/name from localhost:9090 to
http://localhost:8080 (HPE_INVALID_CHUNK_SIZE)
(https://nodejs.org/api/errors.html#errors_common_system_errors)
After request some API, I checked logs on Eclipse and Api requests are normally being made. In Chrome Consloe log like below.
http://localhost:9090/api/v1/users/name net::ERR_CONTENT_DECODING_FAILED 502 (Bad Gateway)
I think the problems are in response part.
Searching HPE_INVALID_CHUNK_SIZE with Webpack in google, I can find no information.
How can I solve this problem.
Thanks.
I resolve this issue using Connection options.
proxy: {
'/**': {
target: 'http://localhost:8080/',
secure: false,
changeOrigin: true,
headers: {
Connection: 'keep-alive'
}
}
This error might be caused by wrong headers sent to your proxy. In case of any further problems you could try Transport-Encoding: chunked or set Content-Length http headers. You can see this answer https://stackoverflow.com/a/55433376/996895
I've setup Parse Server Dashboard on my local machine, and followed the instructions to connect to my Parse Server which is hosted on Heroku.
The Server URL I use to connect to Heroku in my iOS is:
https://my-app-name.herokuapp.com/parse
, so I used this for the Dashboard also.
My config settings are:
{
"apps": [
{
"serverURL": "https://my-app-name.herokuapp.com/parse",
"appId": "appId",
"masterKey": "masterKey",
"appName": "appName"
}
]
}
, however I am getting the error "Server not reachable. Could not connect to server".
When I remove the https://, I get the error "Server not reachable. Server version too low."
The version is 2.1.4, which is the minimum requirement for the Dashboard.
Any suggestions please?
Thanks!
Make sure the config vars (APP_ID, MASTER_KEY, SERVER_URL) between your Parse server and dashboard are set identically. Use https:// instead of http:// for both SERVER_URLs.
To verify your config vars are the same:
Go to your Heroku dashboard
Open both your Parse Server and Dashboard in new tabs
Go to each respective setting tab
Click the Reveal Config Vars button under Config Vars and verify that APP_ID, MASTER_KEY, SERVER_URL are identical for both apps.
Try following these two steps:
npm install -g parse-dashboard
Then
parse-dashboard --appId yourAppId --masterKey yourMasterKey --serverURL "https://example.com/parse" --appName optionalName
The URL should not contain double quotation marks
I'm trying to do the following request using TCL (OpenACS)
http::register https 443 tls::socket
set url "https://encrypted.google.com"
set token [http::geturl $url -timeout 30000]
set status [http::status $token]
set answer [http::data $token]
http::cleanup $token
http::unregister https
The problem is that when I read the $status variable I get "eof" and the $answer variable becomes empty. I tried enabling tls V.1
http::register https 443 [list tls::socket -tls1 1]
and it works only for the site https://www.galileo.edu, but not for https://encrypted.google.com.
The site what I'm trying to connect is https://graph.facebook.com/me/feed?access_token=...
but it doesn't work.
I used curl to retrieve the contents of the pages in HTTPS and it works, I have installed OpenSSL, so I can't see the problem, there is another way to do HTTPS connections with TCL?.
I can't see if this is a problem of coding (maybe I'm registered wrong the https protocol) or maybe It is a bad configuration of my server. Hope somebody helps!! Thanks!
Hmm, I can't reproduce that. Which patchlevel of Tcl are you using, and which version of the tls package?
I did this:
package require http
package require tls
# This is your code, cut-n-pasted with blank lines removed
http::register https 443 tls::socket
set url "https://encrypted.google.com"
set token [http::geturl $url -timeout 30000]
set status [http::status $token]
set answer [http::data $token]
http::cleanup $token
http::unregister https
puts $status
And it produces “ok” as output, with $status's contents looking likely too (but too long to paste here). This is with Tcl 8.5.2 (I know I need to upgrade), http 2.7 and tls 1.6.