Integrated Windows Authentication support?

data.dev · April 13, 2017, 4:28pm

Hello,
My client is planning to run Elasticsearch on Windows servers which users will accessed from Windows machines (server and desktop), all part of an Active Directory domain.

I understand that XPack allows users to authenticate against Active Directory, but one thing I am not clear from the documentation is how users actually pass their credentials to Elasticserver.

Do they need to pass their Windows credentials in each request (e.g. from basic auth headers), or is there a way to use Integrated Windows Authentication (i.e. Kerberos) so that the users' existing logged in identity can be used, without passing credentials to Elasticserver?

jaymode · April 13, 2017, 4:37pm

We currently use a LDAP connection to active directory so user's need to pass their credentials with the requests to authenticate. Kerberos is a feature that we have on our roadmap; however it is possible to implement Kerberos support in a custom realm extension.

system · May 11, 2017, 4:49pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kerberos auth howto Elasticsearch es-hadoop	3	781	April 13, 2017
Active directory Authentication Problem Elasticsearch elastic-stack-security	5	759	August 11, 2020
Kerberos, ActiveDirectory and Token API Combination Elasticsearch elastic-stack-security	1	410	November 28, 2019
Passing basic authentication from IIS to elasticsearch xpack Elasticsearch elastic-stack-security	3	486	April 10, 2019
Elasticsearch Active Directory Authorization only support Elasticsearch	5	1302	June 27, 2017

Integrated Windows Authentication support?

Related topics