Open TimB87 opened 3 weeks ago
vigneshshanmugam
commented
3 weeks ago @TimB87 Thanks for using the RUM agent.
SecretToken is not supported for the RUM agent as there is no way to prevent them from being exposed.
Please find the relevant APM server docs on how to enable for anonymous authentication for RUM agent - https://www.elastic.co/guide/en/observability/current/apm-anonymous-auth.html#apm-anonymous-auth
TimB87
commented
3 weeks ago @vigneshshanmugam Thanks! That hopefully pointed me on the right path. For some reason, I am unable to pass anonymous authorization with rum-js and Caddy. However, what works and seems to not share my token is the following Caddy directive:
https://apm-server:8201 {
reverse_proxy http://apm-server:8200 {
header_down Access-Control-Allow-Origin https://my-frontend
header_down Access-Control-Allow-Credentials true
header_down Access-Control-Request-Method POST,OPTIONS
header_up Authorization "Bearer redacted"
}
tls /data/cert.crt /data/cert.key {
ca_root /data/rootchain.crt
}
}I am not exactly an webdev myself - would you consider that configuration safe?
Unfortunately, it seems that I have to define my allowed origin specifically, as a wildcard is rejected again by cors.
Hi everybody,
I am trying to include this agent to collect RUM data on a service I manage. The apm server is behind a reverse proxy (caddy) that adds ssl to it.
This is in my services index.php:
However, my browsers dev console reports:
With curl, from my services host, I can verify it working:
I am unable to supply my
secretToken, as elastic-apm-rum.umd.min.js seems to ignore it. Am I missing something obvious?Thanks for your assistance! Best regards, Tim
PS: The service is also hooked up to APM with the php agent, which works great. This elastic cluster is run locally via docker.