Warnings even though I only have a single authentication backend

**On behalf of a Slack user**

"Hi Folks,
Need some quick help.
Any reason I would be getting these warnings even though I only have a single authentication backend configured?

No ‘Authorization’ header, send 401 and ‘WWW-Authenticate Basic’

I understand there was an issue filed for similar warning messages, but in those cases they had multiple authentication backends."

“I think this is what is happening with the Apache HTTP client: it sends the request without any headers/credentials, which is when the server challenges the client, following which the client sends the request with the creds.”

Hi Dhruvan Tanna,

Could you please share your config.yml and opensearch_dashboards.yml files?
What version of OpenSearch are you using and how did you deploy your cluster?

Thanks,
Mantas

Hey @Mantas

This message is a warning message that is expected when you run with the SAML endpoint configuration you are using. This is a response from not having a Basic auth header. Showing your securityconfig/config.yml would help.

Sounds like something like this…

To add some details on my findings, I was trying to understand how the requests are made from the Apache client (this is what we are using) to Elasticsearch. From the logs I could see that each and every request from the HTTP client is sent twice. The first one is sent without the credentials/basic auth headers, and only when the server sends a CHALLENGE to the client does the client send the request again, this time with the basic auth credentials.

The order of the Apache client HTTP requests is as follows:

  1. The Client sends the HTTP Request with no credentials
  2. The Server sends back a challenge
  3. The Client negotiates and identifies the right authentication scheme
  4. The Client sends a second Request, this time with credentials
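
The four-step exchange described above can be reproduced locally. This is an added example, not code from the thread or from OpenSearch: `StubBackend` is a constructed stand-in for a backend with a single Basic auth domain, the credentials are made up, and `fetch` and `run_demo` are hypothetical helper names. It shows that the challenge-driven client produces one warning per logical request, while a client that sends the `Authorization` header on its first request produces none.

```python
import base64, threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib import request, error

# Constructed credentials for the demo only.
EXPECTED = "Basic " + base64.b64encode(b"demo:demo-pass").decode()
OPENER = request.build_opener(request.ProxyHandler({}))  # ignore proxy env vars

class StubBackend(BaseHTTPRequestHandler):
    """Constructed stand-in: one Basic auth domain that challenges the client."""
    def do_GET(self):
        auth = self.headers.get("Authorization")
        if auth is None:
            # Steps 1-2: no credentials, so record the warning and challenge.
            self.server.warnings.append(
                "No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'")
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="stub"')
        else:
            self.send_response(200 if auth == EXPECTED else 401)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # silence the default access log
        pass

def fetch(url, preemptive):
    """Return the status codes seen while completing one logical request."""
    headers = {"Authorization": EXPECTED} if preemptive else {}
    statuses = []
    while True:
        try:
            with OPENER.open(request.Request(url, headers=headers)) as resp:
                return statuses + [resp.status]
        except error.HTTPError as exc:
            statuses.append(exc.code)
            if exc.code != 401 or headers:
                return statuses
            headers = {"Authorization": EXPECTED}  # steps 3-4: retry with creds

def run_demo():
    server = HTTPServer(("127.0.0.1", 0), StubBackend)
    server.warnings = []
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{server.server_port}/"
    challenged = fetch(url, preemptive=False)
    warnings_after_challenge = len(server.warnings)
    preempted = fetch(url, preemptive=True)
    warnings_after_preemptive = len(server.warnings)
    server.shutdown()
    server.server_close()
    return challenged, warnings_after_challenge, preempted, warnings_after_preemptive

if __name__ == "__main__":
    print(run_demo())
```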