A plugin adds authentication to Kibana dashboards!
- NodeJS 6.9.2+
- NPM
- MS Build tools / Unix build tools
- Python 2.7
To compile the binary module argon2-ffi build tools are requried, install with
windows:
npm install --global --production windows-build-tools
unix:
sudo apt-get install build-essential libssl-dev libffi-dev python-dev
This installs MS build tools and python 2.7 and is required for node-gyp to work.
To check out the sources and build the plugin do the following
git clone https://github.com/codingchili/kbn-authentication-plugin
cd kbn-authentication-plugin
npm install
mocha test --recursive -u tdd
npm install --arch=ia32
mocha test --recursive -u tdd
Perform the following steps to create an installable zip:
- Set the target $KIBANA_VERSION in package.json, must match exactly. Example:
5.5.0 - move kbn-authentication-plugin into a folder named 'kibana'.
- Create a zip file that includes the 'kibana' folder.
- The plugin can then be installed with the kibana-plugin install command, see installing.
sed -Ei "s/(\"version\":).*$/\1 \"5.5.0\"/" kbn-authentication-plugin/package.json
mkdir kibana && mv kbn-authentication-plugin kibana/kbn-authentication-plugin
zip -r kbn-authentication-plugin.zip kibana
kibana-plugin install file:///path/to/kbn-authentication-plugin.zip
To install the plugin use the kibana-plugin utility, example:
./kibana-plugin install 'file:///path/to/kbn-authentication-plugin.zip'
Default username and password is: 'username' and 'password' for the file storage.
To add a new user run the adduser utility, not supported in LDAP mode.
node adduser.js USERNAME PASSWORD
Make sure to set the correct version in json.config. The version must match the version of Kibana being used.
- two factor authentication with time based tokens.
- supports scanning a barcode in the Google Authenticator app for example.
- supports storing user credentials and keys in a simple json file.
- supports storing user credentials and keys in MongoDB.
- supports storing user credentials in LDAP and keys in a json file.
- json web token authentication using Kibanas bundled HAPI package.
- uses the latest password hashing contest winner!
- See: Argon2
If the Kibana instance is already running it may be set to reload all plugins on change, if not then try restarting the instance. The authentication plugin is tested working with Kibana version 5.6.2.
If you have issues installing the plugin,
- make sure that the version in package.json is matching your kibana version.
- make sure to build with --arch=ia32 as kibana ships with a bundled x86 nodejs for windows.
Multi-user capabilities is completed, all authenticated users share the same indice and dashboards. No plans on implementing this for now.
- running npm --install with --arch=ia32 breaks mocha but works with Kibana.
- running npm --install without --arch=ia32 works with mocha but not Kibana.
We are not happy about this.