OpenSearch Dashboards does not authenticate with SSL disabled

Issue:
I have a graylog + opensearch + opensearch-dashboards configured in docker via docker compose.
Graylog works, authenticates normally with opensearch, opensearch-dashboard starts normally the interface, but when authenticating, it doesn’t work.

Configuration:
My compose:

version: '3'

networks:
  graynet:
    driver: bridge

volumes:
  mongo_data:
    driver: local
  log_data:
    driver: local
  graylog_data:
    driver: local

services:
  mongo:
    image: mongo:6.0.5-jammy
    container_name: mongodb
    volumes:
      - mongo_data:/data/db
    networks:
      - graynet
    restart: unless-stopped

  opensearch:
    image: opensearchproject/opensearch:2.15.0
    container_name: opensearch
    environment:
      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
      - "bootstrap.memory_lock=true"
      - "discovery.type=single-node"
      - "action.auto_create_index=false"
      - "plugins.security.ssl.http.enabled=true"
      - "plugins.security.disabled=true"
      - "OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
    volumes:
      - log_data:/usr/share/opensearch/data
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    ports:
      - "9200:9200"
      - "9300:9300"
      - "9600:9600"
    networks:
      - graynet
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://opensearch:9200"]
      interval: 10s
      timeout: 5s
      retries: 3

  opensearch-dashboards:
    image: opensearchproject/opensearch-dashboards:2.15.0
    container_name: opensearch-dashboards
    ports:
      - "5601:5601"
    expose:
      - "5601"
    environment:
      OPENSEARCH_HOSTS: '["http://opensearch:9200"]'
      OPENSEARCH_DASHBOARDS_SKIP_CSP_WARNING: "true"
      OPENSEARCH_SECURITY_ENABLED: "false"
      OPENSEARCH_DASHBOARDS_ENABLE_CSP_HEADER: "false"
      OPENSEARCH_USERNAME: 'admin'
      OPENSEARCH_PASSWORD: '${OPENSEARCH_INITIAL_ADMIN_PASSWORD}'
    networks:
      - graynet
    depends_on:
      - opensearch

  graylog:
    image: graylog/graylog:6.0.4-1
    container_name: graylog
    environment:
      GRAYLOG_PASSWORD_SECRET: "somepasswordpepper"
      GRAYLOG_ROOT_PASSWORD_SHA2: "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"
      GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
      GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"
      GRAYLOG_ELASTICSEARCH_HOSTS: 'http://opensearch:9200'
      GRAYLOG_ELASTICSEARCH_USERNAME: "admin"
      GRAYLOG_ELASTICSEARCH_PASSWORD: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"

      GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
      GRAYLOG_TIMEZONE: "America/Fortaleza"
      TZ: "America/Fortaleza"
      GRAYLOG_TRANSPORT_EMAIL_PROTOCOL: "smtp"
      GRAYLOG_TRANSPORT_EMAIL_WEB_INTERFACE_URL: "http://192.168.125.20:9000/"
      GRAYLOG_TRANSPORT_EMAIL_HOSTNAME: "smtp.mail"
      GRAYLOG_TRANSPORT_EMAIL_ENABLED: "true"
      GRAYLOG_TRANSPORT_EMAIL_PORT: "587"
      GRAYLOG_TRANSPORT_EMAIL_USE_AUTH: "true"
      GRAYLOG_TRANSPORT_EMAIL_AUTH_USERNAME: "xxxxx"
      GRAYLOG_TRANSPORT_EMAIL_AUTH_PASSWORD: "xxxxx"
      GRAYLOG_TRANSPORT_EMAIL_USE_TLS: "true"
      GRAYLOG_TRANSPORT_EMAIL_USE_SSL: "false"
      GRAYLOG_TRANSPORT_FROM_EMAIL: "graylog@example.com"
      GRAYLOG_TRANSPORT_SUBJECT_PREFIX: "[graylog]"
    volumes:
      - "graylog_data:/usr/share/graylog/data"
    networks:
      - graynet
    ports:
      - "9000:9000"
      - "514:514/tcp"
      - "514:514/udp"
      - "10001:10001/tcp"
      - "10001:10001/udp"
      - "10002:10002/tcp"
      - "10002:10002/udp"
      - "10003:10003/tcp"
      - "10003:10003/udp"
    restart: always
    depends_on:
      - opensearch
      - mongo

Relevant Logs or Screenshots:

Hey @sandson

Why do you have two web UI on OpenSearch?

Hello @Gsmitt. All good?
As far as I know, the OpenSearch doesn’t have an interface by default. You need to install OpenSearch Dashboards as an additional configuration, which is what I did.

This is true, you need OSD, but Graylog is a Web UI for OpenSearch and uses MongoDb for metadata. that s why I was asking. Unless I’m reading you statement wrong?

Ah, I understand your question.
I have more granularity to develop more complete, more beautiful dashboards (for the C-Levels), multi-tenancy division, and some other integrations that I can do on the OpenSearch side. I want to test some other functions/options that Graylog doesn’t offer.

I see, If your having issue with using Graylog connected to OpenSearch and trying to connect OpenSearch-dashboard to same database, you may want to use docker-compose for Graylog/OpenSearch/MongoDb. Graylog does the configuration for OpenSearch using MongoDb as the metadata ( i.e., configuration/users/etc…). You may have issues trying to connect both to the same database.

Hmm… I understand.

In this case, I have to make a forwarder to send the logs to another opensearch. Would this be the best way?
Should Opensearch on multiple nodes work in this case?
Or would it be more interesting to upload another Opensearch just to receive and connect the opensearch-dashboards?

For testing, graylog with opensearch and another Opensearch with opensearch-dashboard

Yeah. Tks for your help.
I’ll follow this path for testing.