When you say "AD", I assume you mean ADFS - is that correct?
ADFS can support HTTP-Redirect and has been successfully used with the Elastic Stack. You may need to look at configuration options for your AD install.
1 if we use SSO, Do AD server have to support HTTP-Redirect?
Your Identity Provider must support a HTTP-Redirect binding for sign on, yes.
It's OK if it supports additional bindings, but we require a Redirect binding.
2 if the answer is yes ,why.
Because implementing support for each binding type is additional work, and we have chosen to implement HTTP-Redirect support, because it is required by the SAML comformance spec and all interoperability profiles.
3 can i disable SSO temporarily. how?
You can turn off SAML support in Kibana.
See: "SingleSignOnService Binding HTTP-POST" for previous discussion on this topic.