I created my custom security plugin following this post. It is working for elasticsearch and I can use the custom headers to authenticate using localhost:9200/_security/_authenticate
Now, what if I want to sign-in to Kibana using the same custom headers? Is that doable, and how?
Note: I have tried curl "localhost:5601" (and variations) with my custom headers and I'm only getting the login page.
Hi Yanbang Liu,
It looks like your custom security plugin uses token based authentication. To enable that for Kibana you can set
xpack.security.authc.providers: [token] see https://www.elastic.co/guide/en/kibana/current/kibana-authentication.html#token-authentication
That doesn't work for login, which is in practice what you need for Kibana (API calls are far less infrequent than Elasticsearch). The token authentication provider performs login using user/pass credentials.
I do not believe this to be possible right now (*) - see also Authentication provider in Kibana
(*) At least, not easily. One can do it with legacy plugins if xpack security is disabled; It may also be possibly by a mix of legacy & new platform code, but I don't believe it can be done in a new-platform plugin. Please do let me know if I'm wrong about that.
Thank you for replying. I have already figured this out. Still appreciated.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.