I have a custom Shield plugin working with Elasticsearch that authenticates using a SAML token passed in the HTTP header. I want this authentication scheme work with Kibana as well. Kibana should deny access when the authentication fails and restrict access to Elasticsearch indices as appropriate.
Is it possible to configure Kibana to pass the HTTP header contents through to Elasticsearch for authentication? One use case is Kibana users will use a login page that populates the SAML token in the HTTP header then redirects them to Kibana. Kibana should then pass the HTTP Authentication information through to the Elasticsearch + Shield + Custom Realm Plugin on each call.
Another option might be upgrading to Kibana 4.4 to get the login screen then modify it using a plugin to authenticated using the SAML token?
Any suggestions would be appreciated