Recently i installed an X-pah over Elasticsearch and Kibana and I tried to configure security.
Searching into kibana, with "elastic" user, I could see, inside "Management" section, the possibility to create users and groups and assign users to this new groups.
My surprise was that this configuration was totally stored in index .secure of elasticsearch and it not persist over role-mappings.xml.
I dont know how does work exactly the security in this case. In other older versions it only exist roles.yml and roles-mapping.yml to configure, but now, I can configure this files and also roles and users inside x-pack.
I supose that using x-path frontend in kibana to configure roles and users is to make easier the configuration but i dont know.
All this are because in the future i need to join elasticsearch with an active directory and seeing this post https://www.elastic.co/guide/en/shield/shield-1.1/active_directory.html i couldn't see anything about users and roles managed through Kibana x-path frontend.
Somebody know which is the correct way?