Getting 400 bad request

taltsafrir · December 8, 2024, 7:20pm

Hi, we are using version 2.7 and saml, and from time to time we are getting 400 invalid request id
this is our config:
_meta:
type: “config”
config_version: 2
config:
dynamic:
authc:
basic_internal_auth_domain:
http_enabled: true
transport_enabled: true
order: 0
http_authenticator:
type: basic
challenge: false
authentication_backend:
type: internal
saml_auth_domain:
http_enabled: true
transport_enabled: false
order: 1
http_authenticator:
type: saml
challenge: true
config:
idp:
metadata_url: {{ metadata_url }}
entity_id: {{ entity_id }}
sp:
entity_id: kibana-saml
kibana_url: {{ kibana_url }}
roles_key: Role
exchange_key: {{ exchange_key }}
jwt:
expiry: AUTO+10080
authentication_backend:
type: noop

please any idea

Eugene7 · December 9, 2024, 11:54am

Hi @taltsafrir ,

Could you please share opensearch_dashboards.yml ?

Also, could you please send a URL where you found the following configuration?

taltsafrir · December 9, 2024, 1:09pm

server.name: "{{ opensearch_dashboards_name }}"

server.host: "0.0.0.0"

data_source.enabled: true

opensearch.hosts:
    - https://{{ node }}:9200
  {% endfor %}


opensearch.requestHeadersAllowlist: [ authorization,securitytenant ]

opensearch.ssl.verificationMode: certificate
#opensearch.ssl.verificationMode: none

server.ssl.enabled: true
server.ssl.certificate: client.pem
server.ssl.key: client-key.pem
opensearch.ssl.certificateAuthorities: root-ca.pem

server.xsrf.allowlist: ["/_opendistro/_security/saml/acs/idpinitiated", "/_opendistro/_security/saml/acs", "/_opendistro/_security/saml/logout"]


opensearch_security.multitenancy.enabled: true

opensearch_security.multitenancy.tenants.preferred: ["Global"]
opensearch_security.cookie.secure: true
opensearch_security.cookie.ttl: 86400000
opensearch_security.session.ttl: 86400000
opensearch_security.session.keepalive: true
opensearch_security.auth.type: 'saml'

about the config, I found it in one of the threads in the forum

Eugene7 · December 9, 2024, 2:27pm

Where did you receive the 400 error message? Do you see any error messages in the OpenSearch or OpenSearch Dashboards logs?

taltsafrir · December 10, 2024, 8:14am

I saw error 400 on opensearch dashboards log but nothing else
we receive those errors on chrome

rahulsen · December 12, 2024, 8:54am

Hi, I am also facing the same issue were you able to resolve it on Chrome? weirdly it works fine for me on Microsoft Edge

taltsafrir · December 12, 2024, 9:59am

no, it’s not resolved
but we are not working with microsoft edge

Topic		Replies	Views
Jwt error in opensearch Security	3	617	January 12, 2023
Getting 400 error OpenSearch	4	260	May 8, 2024
SAML authenticating and failing without exception Security troubleshoot , configure	9	906	April 17, 2023
400 bad request from saml Security troubleshoot	4	109	June 24, 2024
SAML configuration problems Security	2	1837	August 23, 2019

Getting 400 bad request

Related topics