[BUG] dashboard Error: no handler found for uri [/_plugins/_security/authinfo] and method [GET]"}

[nicolechec]

Describe the bug

A clear and concise description of what the bug is.

➜  ~ curl --insecure -u admin:admin -XGET http://172.29.253.204:9200
{
  "name" : "opensearch-cluster-master-0",
  "cluster_name" : "opensearch-cluster",
  "cluster_uuid" : "4ebJRnOKQvW7WbwXyAu_Rw",
  "version" : {
    "distribution" : "opensearch",
    "number" : "2.17.1",
    "build_type" : "tar",
    "build_hash" : "1893d20797e30110e5877170e44d42275ce5951e",
    "build_date" : "2024-09-26T21:59:32.078798875Z",
    "build_snapshot" : false,
    "lucene_version" : "9.11.1",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
➜  ~
➜  ~ curl --insecure -u admin:admin -XGET http://172.29.253.204:9200/_cat/nodes
192.168.8.230 32 2 1 1.02 0.66 0.42 dimr data,ingest,master,remote_cluster_client - opensearch-cluster-master-1
192.168.9.38  40 2 1 0.48 0.22 0.19 dimr data,ingest,master,remote_cluster_client - opensearch-cluster-master-2
192.168.9.91  28 2 1 1.13 1.68 1.80 dimr data,ingest,master,remote_cluster_client * opensearch-cluster-master-0

plugins.security.disabled: true and plugins.security.ssl.http.enabled: false, opensearch_dashboards.yml
In opensearch_dashboards.yml use HTTP instead of HTTPS to OpenSearch node.

opensearch.hosts: ["http://<OpenSearch_node>:9200"]  

An error occurs when you access the dashboard

{"type":"log","@timestamp":"2024-11-13T05:18:07Z","tags":["error","plugins","securityDashboards"],"pid":1,"message":"Failed authentication: Error: no handler found for uri [/_plugins/_security/authinfo] and method [GET]"}
{"type":"response","@timestamp":"2024-11-13T05:18:07Z","tags":[],"pid":1,"method":"post","statusCode":401,"req":{"url":"/auth/login?dataSourceId=","method":"post","headers":{"host":"localhost:8080","connection":"keep-alive","content-length":"49","sec-ch-ua":"\"Chromium\";v=\"128\", \"Not;A=Brand\";v=\"24\", \"Google Chrome\";v=\"128\"","sec-ch-ua-platform":"\"macOS\"","osd-xsrf":"osd-fetch","sec-ch-ua-mobile":"?0","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36","osd-version":"2.17.1","content-type":"application/json","accept":"*/*","origin":"http://localhost:8080","sec-fetch-site":"same-origin","sec-fetch-mode":"cors","sec-fetch-dest":"empty","referer":"http://localhost:8080/app/login?nextUrl=%2Fapp%2Fhome","accept-encoding":"gzip, deflate, br, zstd","accept-language":"zh-CN,zh;q=0.9"},"remoteAddress":"127.0.0.1","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36","referer":"http://localhost:8080/app/login?nextUrl=%2Fapp%2Fhome"},"res":{"statusCode":401,"responseTime":7,"contentLength":9},"message":"POST /auth/login?dataSourceId= 401 7ms - 9.0B"}

To Reproduce Steps to reproduce the behavior:

1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

Expected behavior A clear and concise description of what you expected to happen.

OpenSearch Version Please list the version of OpenSearch being used.

Dashboards Version Please list the version of OpenSearch Dashboards being used.

Plugins

Please list all plugins currently enabled.

Screenshots

If applicable, add screenshots to help explain your problem.

Host/Environment (please complete the following information):

• OS: [e.g. iOS]
• Browser and version [e.g. 22]

Additional context

Add any other context about the problem here.

[nicolechec]

OpenSearch Version:

• opensearch-2.26.0
• opensearch-dashboards-2.24.0

[Hailong-am]

plugins.security.disabled: true and plugins.security.ssl.http.enabled: false,

seems that you have disabled security plugin for OpenSearch, you need to disable security-dashboard-plugin in your opensearch_dashboards.yml file by adding opensearch_security.enabled: false

after add this configuration, please remember restart your OpenSearch Dashboard.

[nicolechec]

@Hailong-am thanks so much for the reply! I retest. info：plugins.security.disabled: false,plugins.ssl.http.enabled:true
we have set up an OpenSearch cluster with security features enabled. Specifically:

The OpenSearch cluster has the security plugin enabled, with SSL/TLS encryption configured for the HTTP interface. This means that all communication with the OpenSearch cluster must be done over a secure HTTPS connection. To enable secure communication, we have configured the OpenSearch cluster to use self-signed TLS certificates. However, to simplify the setup, we have also configured OpenSearch to skip the verification of these TLS certificates. The Prometheus Agent, which is responsible for scraping metrics from the OpenSearch cluster, is configured to access the "_prometheus/metrics" endpoint over HTTPS. It is also configured to skip the verification of the TLS certificates, matching the OpenSearch cluster's configuration. The OpenSearch Dashboards component, which provides a web-based interface for interacting with the OpenSearch cluster, is also configured to connect to the OpenSearch cluster over HTTPS and skip the TLS certificate verification.

the Prometheus Agent is still encountering ahttps://192.168.8.235:9200/_prometheus/metrics": 401; expecting 200; response body: "Unauthorized" error when trying to access the OpenSearch metrics endpoint over HTTPS, even though you have configured the basicAuth settings in the ServiceMonitor.

[Hailong-am]

can you try with curl --insecure -u <user>:<password> -XGET http://172.29.253.204:9200/_prometheus/metrics to make sure OpenSearch configuration is correct?