Kibana4 apache configuration with authentication

We need to configure httpd to listen on port 80 which does a reverse proxy to localhost on 5601.

Make sure kibana is listening only on internal port before this settings are done .

        ServerAdmin devops@learnadmin.com

        ServerName kibana.learnadmin.com

        DocumentRoot /var/www/auth

       

            AuthType Basic

            AuthName "Authentication Required"

            AuthUserFile "/var/www/auth/htpasswd"

            Require valid-user

       

        ProxyPass / http://localhost:5601/

        ProxyPassReverse / http://localhost:5601/

Use below command to create a htpasswd file and enable authentication 

htpasswd -c /var/www/auth/htpasswd devops

Setting a Secure Flag to cookie in httpd – Apache

First check if mod_headers is loaded. Else enable that module


LoadModule headers_module modules/mod_headers.so

Once the module is loaded .

Header edit Set-Cookie ^(.*)$ $1;Secure


Add above line to your virtual host in httpd.conf/ssl.conf as per your config

What this does is it adds a secure flag to your cookie. This flag is set by application server when sending
a new cookie to client/user when sending http response.This also mean that server will not send cookie over http. It sends only via https .This prevents unauthorized access to cookie data

This can be done via code in java or can be done @ apache/httpd config level.

Here is more info on code level changes click here..!!