Hi Team,
The elastic stack is great thing which made the log collection and virtualization so easy.
Thank you all for providing such great tools.
I secured my Elasticsearch rest API with an open source plugin, and any access to Elasticsearch http Rest API requires the basic authentication. In my own application, I embed some Kibana dashboards.
My requirement is that: when user accessing my application page which has Kibana dashboard embed, I don't like it to prompt the basic authentication dialog.
So is it possible to bypass the authentication by appending something like a token as a parameter to the Kibana Dashboard link, then Kibana pass this token to Elasticsearch, and I can validate the token in my Elasticsearch plugin.
I knew that we can put the user id/password in url header to bypass, but I don't want to do it like that.
Sample of my dashboard link:
192.168.0.2:5601/app/kibana#/dashboard/myDashboard?_g=()&_a=()&token=***
I found I can set the request header in esFactory, but I don't know how to pass the token to the esFactory. Thank you in advance.
es = esFactory({
host: esUrl,
log: 'info',
requestTimeout: 0,
apiVersion: esApiVersion,
plugins: [function (Client, config) {
// esFactory automatically injects the AngularConnector to the config
// https://github.com/elastic/elasticsearch-js/blob/master/src/lib/connectors/angular.js
_['class'](CustomAngularConnector).inherits(config.connectionClass);
function CustomAngularConnector(host, config) {
CustomAngularConnector.Super.call(this, host, config);
this.request = _.wrap(this.request, function (request, params, cb) {
if (String(params.method).toUpperCase() === 'GET') {
params.query = _.defaults({ _: Date.now() }, params.query);
}
**//params.headers={'Authorization': 'Basic ' + btoa('Admin:Admin')};**
return request.call(this, params, cb);
});
}
config.connectionClass = CustomAngularConnector;
}]
});