Hi,
I've worked by xpack security and its custom realms with its basic definitions as well as run-as feature.
But what I am looking for now, is passing on the token (like SAML) to the ES and then parse that token to authenticate the request.
How can I pass this token to the ES and have access to it in my custom realm? Can I have my own custom headers in the request which hands this token?
Thanks in advance
There's a couple of different ways to interpret your question, and I'm not sure which one you're looking for.
Can you clarify which of these you mean (or something else entirely)
In this case, Kibana doesn't play any role then I don't want to pass on something throw Kibana.
Just think I'm calling the ES directly with curl or my application. My question is this could I send the token (let's say SAML) by header and get access to that in the custom realm code and use that for Authentication and maybe use to discover the roles.
Thanks
In which case, that's fine.
You implement getRestHeaders in your extension class, and list the headers that you want to use in your realm (example).
Then in your realm, in the token method, you can get access to that header through the ThreadContext (example).
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.