Add Issuer to SAML WARN log events

elastic / elasticsearch

Free and Open, Distributed, RESTful Search Engine

https://www.elastic.co/products/elasticsearch

Other

69.4k stars 24.56k forks source link

Add Issuer to SAML WARN log events #111022

Open n1v0lg opened 1 month ago

n1v0lg commented 1 month ago

Description

To aid debugging, we can extend our current WARN log messages for the SAML realm to include the issuer (if available). This will make it easier to diagnose false positive log messages (e.g., around signature validation failure) for deployments that have multiple SAML realms configured.

We should also improve our SAML common issues docs to mention that the WARN log can be benign in multi-realm setups.

elasticsearchmachine commented 1 month ago

Pinging @elastic/es-security (Team:Security)