Super user Role not working for SAML users

Hi,
We are in the process of setting up SAML authentication with ELK. From Elasticsearch, we are integrating with OneLogin. The integration is successful and I am able to log in with the SAML user. I have given the role of superuser to the SAML user (by logging in as elastic).

When I log in as the SAML user, I am able to access all the menus in the "Management" tab except Users and Roles, for which I am getting:

Permission denied

You do not have permission to manage users.

Kindly let me know how this can be resolved.

What do you mean by this?
That your OneLogin user is called elastic?
That doesn't make them a superuser. Users are contained entirely within their own realms, so the builtin elastic user is not the same as a saml elastic user.
The only way to make a SAML user a superuser is to grant them that role through the role-mapping API in Elasticsearch.

No, my OneLogin user name is not elastic. What I meant is, I provided the superuser role to my SAML user by logging in to Kibana and adding roles through the Management tab.

I tried setting up the role through the Role Mapping API and it worked :)

Wonder why it's not working when setting it up through the Kibana Management menu.

This is the same reason as above - when you assigned roles in the Kibana Management UI, you were acting on a user in the "native" realm, not the saml realm.
In short, the "hanciv" user in that UI is unrelated to a "hanciv" user that authenticates via SAML.

Thanks, got it. So I don't have to provision the users locally in Kibana if they are coming through the saml realm.
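
The role mapping the replies above refer to, as an added example that is not part of the original thread. The realm name `saml1` and the mapping name `saml-superuser` are assumptions, and `hanciv` is assumed to be the principal the SAML realm extracts for this user. The rule matches on both realm and username so that `superuser` goes to this one account rather than to everyone who authenticates through the realm.

```console
# Assumptions: the SAML realm is named "saml1" in elasticsearch.yml,
# the principal for this user is "hanciv", and "saml-superuser" is an
# arbitrary name for the mapping.
PUT /_security/role_mapping/saml-superuser
{
  "roles": [ "superuser" ],
  "enabled": true,
  "rules": {
    "all": [
      { "field": { "realm.name": "saml1" } },
      { "field": { "username": "hanciv" } }
    ]
  }
}

# Run this while logged in through SAML (for example from Kibana Dev Tools)
# to confirm which roles the session actually resolved to. On versions that
# report it, "authentication_realm" shows the saml realm, not "native".
GET /_security/_authenticate
```

On 6.x clusters the same endpoints are under `/_xpack/security/` instead of `/_security/`.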
