elastauth

command module

v1.0.12 Latest Latest Go to latest Published: Mar 15, 2024 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/wasilak/elastauth

Links

Open Source Insights

README ¶

elastauth

Designed to work as a forwardAuth proxy for Traefik (possibly others, like nginx, but not tested) in order to use LDAP/Active Directory for user access in Elasticsearch without paid subscription.

Request goes to Traefik
Traefik proxies it to Authelia in order to verify user
If it receives 200 forwards headers from Authelia to second auth -> kibana-auth-proxy
kibana-proxy-auth:
- generates random password for local Kibana user (has nothing to do with LDAP password)
- uses information from Authelia headers to create/update local user in Kibana + AD group/kibana roles mappings from config file
- generates and passes back to Traefik header:
```
Authorization: Basic XXXYYYZZZZ
```
Traefik passes user to Kibana with Authorization header which has password already set by kibana-proxy-pass and logs him/her in :)
Passwords are meant to have short time span of life and are regenerated transparently for user while using Kibana

Headers used by Authelia and kibana-auth-proxy:

remote-email
remote-groups
remote-name
remote-user

architecture

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cache
libs
logger

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL