Hi, I can confirm that kibana login fails as well with 2.9.0.
I have managed to get dev debug logs but the output is just massive, mostly because Kibana generates many elastic requests between startup and the "available" state where I can test login. Just looking at the request logs, I can already tell that the number of queries to '/.kibana_security_session_1/' is different between the working and non-working cases. - When working: 4 requests before the "ready" state - When non-working: 2 requests before the "ready" state Finally, traffic is encrypted so I am not sure tcpdump by itself would help much, unless I use the cert private key to decrypt the captured traffic (might be easier to read than the developer logs). Regards, - Patrick - On Sat, Sep 28, 2024 at 5:37 AM Willy Tarreau <w...@1wt.eu> wrote: > On Fri, Sep 27, 2024 at 06:31:46PM +0200, Patrick Zwahlen wrote: > > Thanks Valentine for all that precious information. > > > > I'll need some time and will probably start trying all the 2.9 versions > to > > maybe identify the one that brought this conflict. > > > > This is running in Docker and I only tested with the '2.9' tag, so it > will > > be interesting to bisect the 2.9 releases first. > > It should not be needed to test all 2.9 versions. 2.9.0 is sufficient to > know if the problem was in the original 2.9 or not. The possibility is > that it was the result of a later fix backported to 2.9 (hence after > 2.9.0), though it's not very likely. Some of the changes that appeared > between 2.8 and 2.9 caused a few regressions (all identified ones fixed > by now), and some also uncovered old sleeping bugs. Yet it's still > possible you're facing one such bug. I suggest you take a look at HTTP > headers between harpoxy and elastic for the two versions of elastic and > see if they are 100% identical. Maybe you'll spot a difference that will > put us on a track. > > Regards, > Willy >
