We have set up apache proxy login and kibana receives username and organisation in headers and want to map this to user roles. However we only get the opendistro security login screen ( which works for internal users). I was expecting this login not to pop up when authenticated by proxy. I can see in the kibana log that the field : oidc_claim_connect-userid_sec is present in the request and got the value that I specd in roles mapping.
The roles mapping :
“description”: “Maps admin to all_access”
parts of securityconfig/config.yml :
description: “Authenticate via proxy”
# roles_header: “ssl_server_s_dn_o”
description: “Authenticate via HTTP Basic against internal users database”