Issue setting up SSO #3185

@Chrisj76au

I followed https://documentation.wazuh.com/ and https://integrations.goauthentik.io/monitoring/wazuh/ to set up the SSO.

When attempting to test, I get {"statusCode":500,"error":"Internal Server Error","message":"Internal Error"}
and the wazuh-indexer.service stops; if I restart it, it crashes again.

I try reloading the site again and it crashes again.

wazuh-indexer.service - wazuh-indexer
Loaded: loaded (/lib/systemd/system/wazuh-indexer.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Sat 2025-12-13 14:21:39 AEST; 4s ago
Duration: 27.211s
Docs: https://documentation.wazuh.com
Process: 4043 ExecStart=/usr/share/wazuh-indexer/bin/systemd-entrypoint -p ${PID_DIR}/wazuh-indexer.pid --quiet (code=exited, status=1/FAILURE)
Main PID: 4043 (code=exited, status=1/FAILURE)
CPU: 1min 44.241s

Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "org.apache.xml.security.ignoreLineBreaks" "write")
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: at java.base/java.lang.System.setProperty(System.java:1047)
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: at com.onelogin.saml2.util.Util.(Util.java:124)
Dec 13 14:21:38 wazuh systemd-entrypoint[4043]: ... 48 more
Dec 13 14:21:39 wazuh systemd[1]: wazuh-indexer.service: Main process exited, code=exited, status=1/FAILURE
Dec 13 14:21:39 wazuh systemd[1]: wazuh-indexer.service: Failed with result 'exit-code'.
Dec 13 14:21:39 wazuh systemd[1]: wazuh-indexer.service: Consumed 1min 44.241s CPU time.

I've rolled back and tried the setup again and again, and it keeps failing.

wazuh-cluster.log

The only way to restore it is to remove

opensearch_security.auth.type: "saml"
server.xsrf.allowlist: ["/_opendistro/_security/saml/acs", "/_opendistro/_security/saml/logout", "/_opendistro/_security/saml/acs/idpinitiated"]
opensearch_security.session.keepalive: false

from /etc/wazuh-dashboard/opensearch_dashboards.yml and reset the admin password.
