Wazuh SSO Keycloak Integration


Dori

Mar 10, 2023, 5:30:30 PM
to Wazuh mailing list
Hi, 
I have installed a single-node cluster of Wazuh with indexer, manager, Filebeat and dashboard on the same host. I was trying to integrate with Keycloak now, but I have Internal Error 500 on my dashboard. I have followed the official documentation of Wazuh, but I still get some errors from the indexer and dashboard. Could you please help?
I will attach the logs here.

Indexer error:
[ERROR][o.o.s.m.r.i.AbstractReloadingMetadataResolver] [node-1] Metadata Resolver SamlFilesystemMetadataResolver com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator_1: Error occurred while attempting to refresh metadata from '/etc/wazuh-indexer/“/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/idp-metadata.xml”'
Dashboard Error:
timestamp":"2023-03-10T22:17:17Z","tags":["error","opensearch","opendistro_security"],"pid":493059,"message":"Request error, retrying\nGET https://135.>
imestamp":"2023-03-10T22:17:17Z","tags":["warning","opensearch","opendistro_security"],"pid":493059,"message":"Unable to revive connection: https://13>
imestamp":"2023-03-10T22:17:17Z","tags":["warning","opensearch","opendistro_security"],"pid":493059,"message":"No living connections"}
imestamp":"2023-03-10T22:17:17Z","tags":["error","plugins","securityDashboards"],"pid":493059,"message":"Failed to get saml header: Error: No Living c>
@timestamp":"2023-03-10T22:17:17Z","tags":[],"pid":493059,"level":"error","error":{"message":"Internal Server Error","name":"Error","stack":"Error: In>
","@timestamp":"2023-03-10T22:17:17Z","tags":[],"pid":493059,"method":"get","statusCode":500,"req":{"url":"/auth/saml/login?nextUrl=%2F","method":"get>
imestamp":"2023-03-10T22:17:18Z","tags":["error","opensearch","data"],"pid":493059,"message":"[ResponseError]: Response Error"}
imestamp":"2023-03-10T22:17:20Z","tags":["error","opensearch","data"],"pid":493059,"message":"[ResponseError]: Response Error"}
@timestamp":"2023-03-10T22:17:22Z","tags":["connection","client","error"],"pid":493059,"level":"error","error":{"message":"140242495174464:error:14094>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":302,"req":{"url":"/","method":"get","headers":{"host":"135.18>
imestamp":"2023-03-10T22:17:23Z","tags":["error","opensearch","data"],"pid":493059,"message":"[ResponseError]: Response Error"}
imestamp":"2023-03-10T22:17:23Z","tags":["error","plugins","securityDashboards"],"pid":493059,"message":"Failed to get saml header: Service Unavailabl>
@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"level":"error","error":{"message":"Internal Server Error","name":"Error","stack":"Error: In>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":500,"req":{"url":"/auth/saml/login?nextUrl=%2F","method":"get>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":401,"req":{"url":"/favicon.ico","method":"get","headers":{"ho>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":302,"req":{"url":"/","method":"get","headers":{"host":"135.18>
imestamp":"2023-03-10T22:17:23Z","tags":["error","plugins","securityDashboards"],"pid":493059,"message":"Failed to get saml header: Service Unavailabl>
@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"level":"error","error":{"message":"Internal Server Error","name":"Error","stack":"Error: In>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":500,"req":{"url":"/auth/saml/login?nextUrl=%2F","method":"get>
@timestamp":"2023-03-10T22:17:23Z","tags":["connection","client","error"],"pid":493059,"level":"error","error":{"message":"140242495174464:error:14094>
","@timestamp":"2023-03-10T22:17:23Z","tags":[],"pid":493059,"method":"get","statusCode":401,"req":{"url":"/favicon.ico","method":"get","headers":{"ho>
imestamp":"2023-03-10T22:17:25Z","tags":["error","opensearch","data"],"pid":493059,"message":"[ResponseError]: Response Error"}
","@timestamp":"2023-03-10T22:25:52Z","tags":[],"pid":493059,"method":"get","statusCode":401,"req":{"url":"/owa/auth/logon.aspx","method":"get","heade>
lines 3088-3128/3128 (END)

Aditya Sharma

Mar 12, 2023, 11:59:36 PM
to Wazuh mailing list
Hi Dori,

Can you please follow the below documentation for the Wazuh SSO once: https://documentation.wazuh.com/current/user-manual/user-administration/single-sign-on/index.html

Below are the Identity Providers which work with Wazuh:

Identity providers

I hope this helps you.

Regards
Aditya Sharma

HA

Mar 13, 2023, 3:36:31 AM
to Wazuh mailing list
Hi,

Be careful! The ACS mentioned in the documentation (Keycloak) is wrong!
You need to specify the following one:

Regards,

HA
