Session does need to be terminated when actively logging out

francobep · September 23, 2020, 2:13pm

Hi all!

I am using the latest stable version of OpenDistro. For authentication, I have the basic form configured. This one works perfect, I can successfully authenticate from Kibana.

I have a problem with the log out from Kibana and the session invalidation.

My situation is the following, I access Kibana with login, I capture a request from the browser and I start repeating this request in a loop.

Then I log out from Kibana and in the browser, I actually log out but the request remains valid for the lifetime of the session.

How can I invalidate the session when I log out of Kibana?

Anthony · April 14, 2021, 6:59pm

Hi @francobep can you outline the exact steps you take. Do you use 2 separate browsers? Does the original captured communication include basic authentication?
Can you also confirm which odfe version you are using?

Topic		Replies	Views
Kibana session timeout redirect Security	2	675	May 14, 2021
Kibana - Session timeout [Solved] Security troubleshoot	6	8323	January 13, 2022
Unable to logout from kibana dashboard Open Source Elasticsearch and Kibana	3	1672	March 23, 2021
Auto logout and saving a visualization(again) Security	1	600	March 10, 2021
Opendistro 12.x or 13.x JWT logout Security	1	381	February 7, 2023

Session does need to be terminated when actively logging out

Related Topics