I’ve installed multi-tenant, configured it, and gotten it active. It shows up in Kibana, and I can see the Global and Private tenants. I can even see tenants that I configure for the kibana users.
However, the username displayed in the tenant module, in Kibana is not the user that’s logged in, it’s the DN of the certificate used by the Kibana user. Which means none of role based tenants are showing up - they’re based on the username (or rather, the ldap groups associated with that user), not the Kibana user.
Anyone have any ideas?
It would also be nice if multi-tenant could use certificates, not basic auth. It’s the only place left in our system that uses that.
Details:
Elasticsearch/Kibana 5.4.1
Elasticsearch Searchguard plugins:
dlic-search-guard-authbackend-ldap-5.0-7-jar-with-dependencies.jar
dlic-search-guard-module-dlsfls-5.3-6-jar-with-dependencies.jar
dlic-search-guard-module-kibana-multitenancy-5.4-3-jar-with-dependencies.jar
dlic-search-guard-rest-api-5.3-5-jar-with-dependencies.jar
search-guard-5-5.4.1-12.jar
search-guard-ssl-5.4.1-22.jar
Kibana searchguard plugin 5.4.1-3
Thank you.
···
–
Nobody believed that I could build a space station here. So I built it anyway. It sank into the vortex. So I built another one. It sank into the vortex. The third station burned down, fell over then sank into the vortex. The fourth station just vanished. And the fifth station, THAT stayed!