Opensearch Dashboards: 2.3.0

Hello,

I’m new to opensearch and trying to install it

When I try to log on the dashboard page with my browser on port 5601 I see this message
{“statusCode”:401,“error”:“Unauthorized”,“message”:“Authentication required”}

Also in the logs I see this, I don’t know if it’s related
{“type”:“log”,“@timestamp”:“2022-11-24T00:17:46Z”,“tags”:[“error”,“plugins”,“securityDashboards”],“pid”:75656,“message”:“StatusCodeError: no handler found for uri [/_plugins/_security/tenantinfo] and method [GET]\n at respond (/usr/local/opensearch-dashboards/node_modules/elasticsearch/src/lib/transport.js:349:15)\n at checkRespForFailure (/usr/local/opensearch-dashboards/node_modules/elasticsearch/src/lib/transport.js:306:7)\n at HttpConnector. (/usr/local/opensearch-dashboards/node_modules/elasticsearch/src/lib/connectors/http.js:173:7)\n at IncomingMessage.wrapper (/usr/local/opensearch-dashboards/node_modules/lodash/lodash.js:4991:19)\n at IncomingMessage.emit (node:events:525:35)\n at endReadableNT (node:internal/streams/readable:1358:12)\n at processTicksAndRejections (node:internal/process/task_queues:83:21) {\n status: 400,\n displayName: ‘BadRequest’,\n path: ‘/_plugins/_security/tenantinfo’,\n query: {},\n body: {\n error: ‘no handler found for uri [/_plugins/_security/tenantinfo] and method [GET]’\n },\n statusCode: 400,\n response: ‘{"error":"no handler found for uri [/_plugins/_security/tenantinfo] and method [GET]"}’,\n toString: [Function (anonymous)],\n toJSON: [Function (anonymous)]\n}”}
{“type”:“log”,“@timestamp”:“2022-11-24T00:17:46Z”,“tags”:[“listening”,“info”],“pid”:75656,“message”:“Server running at http://x.x.x.x:5601”}

My configuration looks like that
server.host: “0.0.0.0”
server.basePath: “/kibana”
opensearch.hosts: [http://127.0.0.1:9200]
opensearch.ssl.verificationMode: none
opensearch.username: kibanaserver
opensearch.password: kibanaserver
opensearch.requestHeadersWhitelist: [authorization, securitytenant]

opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: [Private, Global]
opensearch_security.readonly_mode.roles: [kibana_read_only]

Use this setting if you are running opensearch-dashboards without https

opensearch_security.cookie.secure: false
opensearch_security.session.keepalive: false

Thank you

When this happened to me, it was because I had to configured the account on OpenSearch. Let’s try a few things:

1. if you hit http://127.0.0.1:9200 in your browser, does it ask for username and password? Are you able to authenticate successfully there? If not, OpenSearch doesn’t know about this user.
2. While configuring the Security plugin on OpenSearch, did you replace the certificates and default internal users? Did you, by chance, remove kibanaserver too?
3. FYI, your configuration file for OpenSearch Dashboards is identical to mine and I am using the internal user database to manage access. Is that what you intend to use too or do you have an external auth provider?

Hello,

Thank you for your reply.
I managed to access the dashboard since my first message but at the price of disabling the security plugin. But I cannot reenable it since I’m on Openbsd. I wrote a feature request on github.

While configuring the Security plugin on OpenSearch, did you replace the certificates and default internal users? Did you, by chance, remove kibanaserver too?
I didn’t configure the security plugin and didn’t replace the certificates but certificates play a role only when https is called.
I didn’t replace default internal users.
Do you know by chance where internal users are configured ? and where the security plugin is configured.
I didn’t have kibana installed.

FYI, your configuration file for OpenSearch Dashboards is identical to mine and I am using the internal user database to manage access. Is that what you intend to use too or do you have an external auth provider?
Yes I don’t use an external database, I’m the single user of the application.

Thank you

Hello,
One year later, I can say that using certificates is mandatory to have the security plugin enabled.
Now I have it enabled