I am using Elastic Cloud, version v6.5.4, and would like some help here...
What I want to do
Use Gsuite and email as the Kibana login.
Following the post (https://www.elastic.co/guide/en/cloud/release-ms-14/ec-securing-clusters-SAML.html) I edited elasticsearch.yml and kibana.yml.
I added this config to elasticsearch.yml:
xpack:
  security:
    authc:
      realms:
        cloud-saml:
          type: saml
          order: 2
          # SAML attribute that becomes the Elasticsearch username (mail / uid OID)
          attributes.principal: "urn:oid:0.9.2342.19200300.100.1.1"
          # SAML attribute carrying group membership, used for role mapping
          attributes.groups: "urn:oid:1.3.6.1.4.1.5923.1.5.1."
          # URL of the IdP metadata XML downloaded from Gsuite
          idp.metadata.path: "Gsuite meta xml file in AWS S3 Bucket with Public Access "
          # must equal the Issuer sent by Google in the SAML response
          idp.entity_id: "https://accounts.google.com/o/saml2?idpid=MYID"
          # the SP values below must match the Entity ID / ACS URL configured in the Gsuite SAML app exactly
          sp.entity_id: "https://MY_KIBANA_URL:9243/"
          sp.acs: "https://MY_KIBANA_URL:9243/api/security/v1/saml"
          sp.logout: "https://MY_KIBANA_URL:9243/logout"
I added this config to kibana.yml:
# enable the SAML auth provider and let the IdP POST to the ACS endpoint without an XSRF token
xpack.security.authProviders: [saml]
server.xsrf.whitelist: [/api/security/v1/saml]
# public URL of Kibana; Kibana uses it to build the ACS / logout URLs sent to Elasticsearch
xpack.security.public:
  protocol: https
  hostname: KIBANA_URL   # without https:// and without the port number
  port: 9243
Symptoms
- Access the Kibana URL
- Redirected to the Google login page
- Redirected back to the Kibana URL
- A 401 error appears and no error appears in the Elastic Cloud logs
{"statusCode":401,"error":"Unauthorized","message":"[security_exception] unable to authenticate user [] for action [cluster:admin/xpack/security/saml/authenticate],
with { header={ WWW-Authenticate={ 0="Bearer realm=\"security\"" & 1="Basic realm=\"security\" charset=\"UTF-8\"" } } } :: {"path":"/_xpack/security/saml/authenticate","query":{},"body":"{\"ids\":[\"_xxxxxxxxxxxxxxxx\"],\"content\":\"SOME_LONG_CONTENT\"}","statusCode":401,"response":"{\"error\":{\"root_cause\":[{\"type\":\"security_exception\",\"reason\":\"unable to authenticate user [] for action [cluster:admin/xpack/security/saml/authenticate]\",\"header\":{\"WWW-Authenticate\":[\"Bearer realm=\\\"security\\\"\",\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"]}}],\"type\":\"security_exception\",\"reason\":\"unable to authenticate user [] for action [cluster:admin/xpack/security/saml/authenticate]\",\"header\":{\"WWW-Authenticate\":[\"Bearer realm=\\\"security\\\"\",\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\"]}},\"status\":401}","wwwAuthenticateDirective":"Bearer realm=security, Basic realm=\"security\" charset=\"UTF-8\""}"}
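The 401 above is returned by Elasticsearch's SAML authenticate API after Kibana forwards the SAMLResponse as `{"ids": [...], "content": "<base64>"}`; the body does not say which SAML check failed. The script below is an added example (not code from the post, from Elastic or from Google) that decodes such a payload and compares the Issuer, Destination, InResponseTo, Audience and Recipient against the `sp.*` / `idp.*` values copied from the elasticsearch.yml in the post. The two SAML responses it checks are constructed and unsigned; it deliberately does no signature verification, which Elasticsearch performs against the IdP metadata, so an empty result here means only that the URLs and IDs line up.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# SP-side values copied from the elasticsearch.yml in the post (placeholders kept as-is).
REALM = {
    "idp.entity_id": "https://accounts.google.com/o/saml2?idpid=MYID",
    "sp.entity_id": "https://MY_KIBANA_URL:9243/",
    "sp.acs": "https://MY_KIBANA_URL:9243/api/security/v1/saml",
}


def check_saml_payload(realm, payload):
    """Compare a {"ids": [...], "content": base64} payload, as Kibana posts it to
    /_xpack/security/saml/authenticate, with the realm's sp.*/idp.* settings.
    Returns a list of mismatches; an empty list means the values line up.
    Signature verification is intentionally out of scope."""
    problems = []
    root = ET.fromstring(base64.b64decode(payload["content"]))

    # Response-level checks: who issued it, where it was sent, which request it answers.
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    if issuer != realm["idp.entity_id"]:
        problems.append(f"Issuer {issuer!r} != idp.entity_id {realm['idp.entity_id']!r}")

    destination = root.get("Destination")
    if destination != realm["sp.acs"]:
        problems.append(f"Destination {destination!r} != sp.acs {realm['sp.acs']!r}")

    in_response_to = root.get("InResponseTo")
    if in_response_to and in_response_to not in payload["ids"]:
        problems.append(f"InResponseTo {in_response_to!r} not among request ids {payload['ids']}")

    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        problems.append("no plain <Assertion>; an <EncryptedAssertion> needs the realm's encryption key")
        return problems

    # Assertion-level checks: audience must equal sp.entity_id byte for byte.
    audiences = [a.text for a in assertion.iterfind(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
    if realm["sp.entity_id"] not in audiences:
        note = ""
        if any(a.rstrip("/") == realm["sp.entity_id"].rstrip("/") for a in audiences):
            note = " (differs only by the trailing slash)"
        problems.append(f"Audience {audiences} does not contain sp.entity_id {realm['sp.entity_id']!r}{note}")

    scd = assertion.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is not None and scd.get("Recipient") != realm["sp.acs"]:
        problems.append(f"Recipient {scd.get('Recipient')!r} != sp.acs {realm['sp.acs']!r}")
    return problems


def make_payload(issuer, destination, audience, recipient, request_id):
    """Build a constructed, unsigned SAMLResponse in the shape Kibana hands to Elasticsearch."""
    xml = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
  ID="_resp1" Version="2.0" Destination="{destination}" InResponseTo="{request_id}">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Issuer>{issuer}</saml:Issuer>
    <saml:Subject>
      <saml:NameID>user@example.com</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="{recipient}" InResponseTo="{request_id}"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions>
      <saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""
    return {"ids": [request_id], "content": base64.b64encode(xml.encode()).decode()}


# Constructed inputs: one response that matches the realm, one with the kind of
# mismatch that makes the SAML realm reject the response while Kibana only sees a 401.
GOOD = make_payload(REALM["idp.entity_id"], REALM["sp.acs"], REALM["sp.entity_id"],
                    REALM["sp.acs"], "_req1")
BAD = make_payload(REALM["idp.entity_id"],
                   "https://MY_KIBANA_URL/api/security/v1/saml",  # port 9243 missing
                   "https://MY_KIBANA_URL:9243",                   # no trailing slash
                   REALM["sp.acs"], "_req1")

if __name__ == "__main__":
    for name, payload in (("good", GOOD), ("bad", BAD)):
        print(name, check_saml_payload(REALM, payload) or "OK")
```

To use it on a real failure, take the `ids` and `content` values from the Kibana error JSON (the post shows them truncated as `_xxxxxxxxxxxxxxxx` and `SOME_LONG_CONTENT`) and pass them as the payload; a reported mismatch points at the Gsuite SAML app field (Entity ID, ACS URL) or the `xpack.security.public` setting that needs to change.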