Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
chart-version: 2.20.0
app-version: 2.16.0
Tested on:
Chrome: Version 128.0.6613.84 (Official Build) (64-bit)
Firefox: 129.0.2 (64-bit)
MS Edge: Version 128.0.2739.54 (Official build) (64-bit)
Describe the issue:
I’ve setup up Opensearch + Dashboards + FluentBit. I’ve configure basePath to /opensearch
to expose dashboards there. Everything works great except the fact that when I press “logout”, instead of redirecting to the home screen, I am redirected to:
/opensearch/app/login?nextUrl=%2Fopensearch
with the following error:
{"statusCode":400,"error":"Bad Request","message":"[request query.nextUrl]: Invalid nextUrl parameter."}
What’s important is that I am getting logged out correctly, because if I manually go to /opensearch
I got correctly redirected to /opensearch/app/login?
and login screen is displayed. It was also confirmed in the logs:
message: POST /auth/<mark>logout</mark>?dataSourceId= 200 3ms - 9.0B
I tried setting rewriteBasePath
to true, but it didn’t work (maybe I didn’t understood the setting correctly, nevertheless after setting it to true I couldn’t access it at all, so I commented it out as it was in the beginning.
Any help will be greatly appreciated.
Configuration:
values.yaml configuration (I only changed the resources and added Emissary ingress service annotations):
resources:
requests:
cpu: "100m"
memory: "512M"
limits:
cpu: "300m"
memory: "512M"
service:
annotations:
getambassador.io/config: |
---
apiVersion: getambassador.io/v2
kind: Mapping
name: mapping-opensearch
namespace: opensearch
service: opensearch-dashboards:5601
prefix: /opensearch/
host: <host>
bypass_auth: true
timeout_ms: 30000
---
apiVersion: getambassador.io/v2
kind: Mapping
name: mapping-opensearch-redirect
namespace: opensearch
service: <host>
prefix: /opensearch
bypass_auth: true
host_redirect: true
prefix_regex: true
path_redirect: /opensearch/
opensearch-dashboards.yaml (I am only adding parts that are not commented out)
# This setting cannot end in a slash.
server.basePath: "/opensearch"
opensearch.hosts: <default localhost setting> (new users can post only two URLs)
opensearch.ssl.verificationMode: none
opensearch.username: kibanaserver
opensearch.password: kibanaserver
opensearch.requestHeadersWhitelist: [authorization, securitytenant]
opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: [Private, Global]
opensearch_security.readonly_mode.roles: [kibana_read_only]
# Use this setting if you are running opensearch-dashboards without https
opensearch_security.cookie.secure: false
server.host: '0.0.0.0'
Relevant Logs or Screenshots: