I receive the following error with OpenID (Azure) configuration :
opensearch-node1 | [2021-08-12T00:21:27,615][WARN ][c.a.d.a.h.j.AbstractHTTPJwtAuthenticator] [opensearch-node1] Failed to get subject from JWT claims, check if subject_key 'preferred_username' is correct.
opensearch-node1 | [2021-08-12T00:21:27,615][ERROR][c.a.d.a.h.j.AbstractHTTPJwtAuthenticator] [opensearch-node1] No subject found in JWT token
opensearch-node1 | [2021-08-12T00:21:27,616][WARN ][o.o.s.h.HTTPBasicAuthenticator] [opensearch-node1] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
opensearch-dashboards | {"type":"log","@timestamp":"2021-08-12T00:21:27Z","tags":["error","plugins","securityDashboards"],"pid":1,"message":"OpenId authentication failed: Error: Authentication Exception"}
@rtarek I would recommend to raise a ticket using below link to expose the JWT created from oidc. As currently there doesn’t appear to be a way to view the created JWT, which would help in your case.
@Anthony: thanks for reply
Implementing opensearch using helm able to ocnnect through localhost but when iI’m trying to setup OpenID integration with azure, keep on getting too many redirects url.From log i noticed below error
{“type”:“log”,“@timestamp”:“2021-11-:50:26Z”,“tags”:[“debug”,“opensearch”,“opendistro_security”,“query”],“pid”:1,“message”:“401\nGET /_plugins/_security/authinfo\n”}
{“type”:“log”,“@timestamp”:“2021-11-:50:26Z”,“tags”:[“error”,“plugins”,“securityDashboards”],“pid”:1,“message”:“OpenId authentication failed: Error: Authentication Exception”}
@skopen
I recently uploaded example of Azure integration to a github repo here
I would recommend to clone and run docker-compose up. The username and password are in the README file.
The config is included and is mapped as volumes. See if you can get it working by point it to your Azure, by changing the config.yaml and dashboards.yaml. If not, maybe the issue is from Azure configuration