SSO Using OpenID Connect

Yungyoung_Ok · March 6, 2020, 9:31am

I am currently conducting the sso test.

User authentication has all been successful.
However 403 error occurs.

What settings should I add?

ERROR:
{"statusCode":403,"error":"Forbidden","message":"Forbidden"}

ES LOG:
[2020-03-06T12:51:57,553][TRACE][o.e.x.s.a.o.OpenIdConnectAuthenticator] [DESKTOP-O6EUAL0] OpenID Connect Provider redirected user to [/api/security/v1/oidc?state=~~&code=~~~&scope=openid&authuser=0&prompt=consent]. Expected Nonce is [~~~~] and expected State is [~~~]
"access_token": "access_token_value",
"expires_in": 3599,
"scope": "openid",
"token_type": "Bearer",
"id_token": "id_token_value"
}]
[2020-03-06T12:51:57,933][TRACE][o.e.x.s.a.o.OpenIdConnectAuthenticator] [DESKTOP-O6EUAL0] Successfully exchanged code for ID Token: [value] and Access Token [value]
[2020-03-06T12:51:57,981][TRACE][o.e.x.s.a.o.OpenIdConnectAuthenticator] [DESKTOP-O6EUAL0] Received and validated the Id Token for the user: [{"at_hash":"value","aud":"value","sub":"value","azp":"value","iss":"https://accounts.google.com","exp":1583470318,"nonce":"value","iat":1583466718}]
[2020-03-06T12:51:58,325][TRACE][o.e.x.s.a.o.OpenIdConnectAuthenticator] [DESKTOP-O6EUAL0] Received UserInfo Response from OP with status [200] and content [{
"sub": "value",
"picture": "value"
}]
[2020-03-06T12:51:58,328][TRACE][o.e.x.s.a.o.OpenIdConnectAuthenticator] [DESKTOP-O6EUAL0] Successfully retrieved user information: [{"sub":"116021723082891204727","picture":"value"}]
[2020-03-06T12:52:42,021][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-O6EUAL0] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/127.0.0.1:56539}
[2020-03-06T12:53:42,030][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-O6EUAL0] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/0:0:0:0:0:0:0:1:56551}
[2020-03-06T12:54:42,039][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-O6EUAL0] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/127.0.0.1:56563}
[2020-03-06T12:55:42,047][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-O6EUAL0] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/0:0:0:0:0:0:0:1:56569}

Marius_Dragomir · March 12, 2020, 1:30pm

There is not much we can figure out from the logs, without the config.

system · April 9, 2020, 1:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSO test using OpenID Connect in elasticsearch Elasticsearch elastic-stack-security	6	1045	April 7, 2020
Getting 403 forbidden error on User authentication with OpenID connect Elasticsearch elastic-stack-security	3	2955	March 6, 2020
Keycloak Elasticsearch/Kibana Configuration Elasticsearch elastic-stack-security	9	2147	April 13, 2022
Kibana - Use Laravel Passport as OpenID Connect Provider to SSO with Elastic and Kibana Kibana elastic-stack-security	4	1150	November 17, 2021
Openid connect for kibana login Kibana elastic-stack-security	4	1028	January 10, 2020

SSO Using OpenID Connect

Related topics