Tools used : 1. Elasticsearch 2.1 with Shield 2.1 2. DgLux as a front end report generation tool 3. Company LDAP to authenticate user against groups
I'm trying to create a custom plugin which should use LDAP only for authorization.
Authentication is already happening via a third party LDAP utility to login into the system.
Every request that goes from DgLux to Elasticsearch will be authenticated and authorized to make sure that the user can perform specific task on the indices.
My requirement is that request will only have user in the header and shield shouldn't try to authenticate the request, only authorization should happen.
How can I built that plugin?