Wataru Takase

Could you try to remove `proxy_redirect off;`?

Could you check this [article](https://groups.google.com/forum/#!topic/search-guard/msyhm5kZNBU)? And check your `elasticsearch.ssl.certificateAuthorities` and `own_home.elasticsearch.ssl.certificateAuthorities` options.

I have no experience with x-pack. Please refer [search guard kibana plugin example](https://github.com/wtakase/kibana-own-home#extract-username-from-session-instead-of-request-header-experimental) and [x-pack security settings in kibana](https://www.elastic.co/guide/en/kibana/master/security-settings-kb.html).

Hello. I think it is searchguard issue.

I'm not familiar with SAML. If your httpd/nginx server can get authenticated username from environment variable such as `REMOTE_USER`, your httpd, for example, can pass the username to the plugin...

What about [this patch](https://github.com/wtakase/kibana-own-home/compare/hide-personal-index)? For example, you can use `own_home.personal.enabled` option as follows: ``` . . . own_home.personal.enabled: false own_home.local.groups: [ public, sandbox ] own_home.default_kibana_index_suffix: public ``` With the above...

> Thus, my question is: Is it only possible to use Own Home in combination with Search Guard if the server.defaultRoute is set to /app/own_home? Yes, you need to set...

Could you try to add `xpack.spaces.enabled: false` in your kibana.yml?

If you set `own_home.local.enabled: false` and `own_home.ldap.enabled: false`, each user only can see own personal `.kibana.index`. If you set `own_home.local.enabled: true`, you can have a global `.kibana.index` which can be...

Could you try to replace `elasticsearch.requestHeadersWhitelist: [ 'authorization', 'username' ]` with `elasticsearch.requestHeadersWhitelist: [ username, cookie ]`?