-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security] Add message to login page #51557
[Security] Add message to login page #51557
Conversation
💔 Build Failed
|
Pinging @elastic/kibana-security (Team:Security) |
💔 Build Failed
|
💔 Build Failed
|
For scheduled maintenance announcements, I think it would be better to have a banner that also appears after login and not only during login. A user can be logged in for a long time and not see the login screen. So I'm not sure about how big a benefit this will be only on the login screen. However, I like the idea of having a message like this related to the actual login procedure. |
@watson True, maintenance announcements might not be the best use case. Help to login is specifically the problem we are trying to solve. For the Kibana instances I'm responsible for I'm regularly pinged by people who want to know how they can login. For this specific purpose it would be very beneficial to be able to add login instructions (or link to such) directly above the login box. I'm sure there are also other use cases people might want to use this message for so tried to keep it a little generic. |
💚 Build Succeeded
|
@alexfrancoeur would this satisfy #36586? I think there is a small part of #17298 in here too, but that is mostly concerned with post-login messages |
Users cannot use custom html but they can use markdown, so links and formatting is possible (and I'd argue safer and easier than allowing custom html). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
++ I'd be wary of custom HTML too, and I think markdown allows for a sufficient level of control here. |
I would not put the custom message inside of an EuiCallOut. Rendering can be tricky with custom content (even just Markdown) as seen by @legrego's example. Though if it is just plain Markdown, it should get wrapped in an EuiText (size="s") block. |
@cchaos Better? |
…se EuiText instead of EuiCallOut
fc45cd8
to
c229c4c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sqren Yes, I think it's fair to say that not all custom messages time or content sensitive. Which is why pulling it out of the EuiCallOut makes the most sense. If it is, they can add their own emphasis via text formatting.
.../legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.tsx
Outdated
Show resolved
Hide resolved
Co-Authored-By: Caroline Horn <[email protected]>
💔 Build Failed |
Okay, I'll flip them around. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good from my end. 👍
💚 Build Succeeded |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
I'll merge this for now to unblock some things. LMK if I should change the name |
* [Security] Add loginAssistanceMessage to login page * Fix tests * Fix login_page.test.tsx * Fix defaultValue * Render login assistance message independently of other messages and use EuiText instead of EuiCallOut * Use small text Co-Authored-By: Caroline Horn <[email protected]> * Flip order of message around
* [Security] Add loginAssistanceMessage to login page * Fix tests * Fix login_page.test.tsx * Fix defaultValue * Render login assistance message independently of other messages and use EuiText instead of EuiCallOut * Use small text Co-Authored-By: Caroline Horn <[email protected]> * Flip order of message around
Do users still see this new message if they are logging into a PKI protected kibana? Ideally they should have to acknowledge the banner before being logged in even if they are not providing username/password style credentials. |
They do not. This message is only shown on the login page, which only works with the Reserved/Native/File realms in Elasticsearch. Would you mind chiming in on either #18176 and/or #17298 with your specific needs? |
Thanks @kresss |
6.8/6.8.9: 2baa83b |
This change makes it possible to add an optional message to the login page. This is useful for announcing scheduled maintenance, and providing help with credentials - something we currently need the ability to do for observability.
Example 1: Maintenance announcements
Example 2: Help with credentials (corporate)
Example 3: Help with credentials (test cluster)