Kibana error after DNS entry

Gauti · August 11, 2020, 6:28pm

Hi All,

WE have configured elastic stack by mentioning the IP address in all the config files and we have done OKta integration also. Now we have done a DNS entry for the IP address used, after this change we are not able to access kibana console through Okta authentication.

Below is the error we are getting.

{"statusCode":401,"error":"Unauthorized","message":"[security_exception] unable to authenticate user [<unauthenticated-saml-user>] for action [cluster:admin/xpack/security/saml/authenticate], with { header={ WWW-Authenticate={ 0=\"Bearer realm=\\\"security\\\"\" & 1=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } } }"}

Through local login i was able to login. Problem is with Okta authentication.

Any advice please.

Thanks
Gautham

azasypkin · August 12, 2020, 1:11pm

Hi @Gauti,

Have you properly reconfigured Elasticsearch SAML realm to work with DNS names instead of IPs? Does Okta metadata file/URL you use in Elasticsearch configuration also reflect that change?

Also you should be able to locate a more detailed error message in the Elasticsearch logs.

Let me know if you still have any questions,
Oleg

system · September 9, 2020, 1:11pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.