This bug was initially created as a copy of Bug #1823305 I am copying this bug because: Description of problem: The logout function doesn't work properly in Kibana. After the user is logged out from the Kibana dashboard, user will be able to login again in the new tab again without having to put in the login credentials. Version-Release number of selected component (if applicable): OpenShift version Server Version: 4.2.14 Kubernetes Version: v1.14.6+b294fe5 How reproducible: Always Steps to Reproduce: 1. Login to the kibana console 2. Logout from the kibana 3. Open the <Kibana route> again in the new tab of the browser, and you will be logged in automatically. Actual results: Kibana console is not asking for the Login credentials after logging out. Expected results: Kibana Console should ask for the login ID & password after logging out from a previous session. Additional info: 1] Kibana is installed with the EFK stack (Cluster Logging operator). 2] Customer has checked opening the kibana in browser's incogito window too but still they are able to open the kibana dashboard without entering the credentials. One more point in the Additional Info about the incognito window behavior: 3] It is not that when user log out from Kibana and try to access the same Kibana in incognito mode, we still get redirected. In that case, we are asked to enter the password. But when we log out from Kibana in an incognito browser and try to access Kibana in the same incognito browser, we can access the GUI even without login again. So basically we experience the same behavior either in a normal browser or incognito browser.
Moving straight to modified given there is no logoff button for 4.5 but this blocks 1836002
This BZ does not block 1836002
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409