Description
Hi,
I just deployed Wazuh in Docker. I would like to set SAML authentication with Authelia. I used this guide:
https://integrations.goauthentik.io/monitoring/wazuh/
I changed the file path to match the Docker container; this was not a problem.
In /etc/wazuh-indexer/opensearch-security/config.yml I use "metadata_url" instead of "metadata_file" because of #2080.
The metadata is loaded successfully:
```
2026-01-01T10:45:51.411743650Z [2026-01-01T10:45:51,410][INFO ][o.o.s.m.r.i.AbstractReloadingMetadataResolver] [wazuh.indexer] Metadata Resolver SamlHTTPMetadataResolver com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator_1: New metadata successfully loaded for 'https://auth.XY.duckdns.org/application/saml/wazuh/metadata/'
```
After I modify /etc/wazuh-dashboard/opensearch_dashboards.yml in the last step, I can no longer reach the web UI. (When I comment out this section, the web UI works again.)
Error messages:
- Web browser:
```json
{
  "statusCode": 500,
  "error": "Internal Server Error",
  "message": "Internal Error"
}
```
- Wazuh indexer log:
```
2026-01-01T10:02:40.306004602Z [agentkeepalive:deprecated] options.freeSocketKeepAliveTimeout is deprecated, please use options.freeSocketTimeout instead
2026-01-01T10:02:40.336228001Z Error: failed parsing SAML config
2026-01-01T10:02:40.336247265Z at SecurityClient.getSamlHeader (/usr/share/wazuh-dashboard/plugins/securityDashboards/server/backend/opensearch_security_client.ts:214:15)
2026-01-01T10:02:40.336256289Z at processTicksAndRejections (node:internal/process/task_queues:95:5)
2026-01-01T10:02:40.336259553Z at /usr/share/wazuh-dashboard/plugins/securityDashboards/server/auth/types/saml/routes.ts:80:30
2026-01-01T10:02:40.336262301Z at Router.handle (/usr/share/wazuh-dashboard/src/core/server/http/router/router.js:174:44)
2026-01-01T10:02:40.336264823Z at handler (/usr/share/wazuh-dashboard/src/core/server/http/router/router.js:140:50)
2026-01-01T10:02:40.336267368Z at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)
2026-01-01T10:02:40.336269803Z at Object.internals.handler (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/handler.js:46:20)
2026-01-01T10:02:40.336280999Z at exports.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/handler.js:31:20)
2026-01-01T10:02:40.336283802Z at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)
2026-01-01T10:02:40.336286306Z at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)
2026-01-01T10:02:40.336288896Z Failed to get saml header: Error: Error: failed parsing SAML config | type=log @timestamp=2026-01-01T10:02:40Z tags=["error","plugins","securityDashboards"] pid=54
2026-01-01T10:02:40.338065487Z ERR Internal Server Error | type=error @timestamp=2026-01-01T10:02:40Z tags=[] pid=54 error={"message":"Internal Server Error","name":"Error","stack":"Error: Internal Server Error\n at HapiResponseAdapter.toError (/usr/share/wazuh-dashboard/src/core/server/http/router/response_adapter.js:127:19)\n at HapiResponseAdapter.toHapiResponse (/usr/share/wazuh-dashboard/src/core/server/http/router/response_adapter.js:83:19)\n at HapiResponseAdapter.handle (/usr/share/wazuh-dashboard/src/core/server/http/router/response_adapter.js:79:17)\n at Router.handle (/usr/share/wazuh-dashboard/src/core/server/http/router/router.js:175:34)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)\n at handler (/usr/share/wazuh-dashboard/src/core/server/http/router/router.js:140:50)\n at exports.Manager.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/toolkit.js:60:28)\n at Object.internals.handler (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/handler.js:46:20)\n at exports.execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/handler.js:31:20)\n at Request._lifecycle (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:371:32)\n at Request._execute (/usr/share/wazuh-dashboard/node_modules/@hapi/hapi/lib/request.js:281:9)"} url=https://wazuh.XY.duckdns.org/auth/saml/login?redirectHash=false&nextUrl=%2F
```
I tested from the Wazuh dashboard:
```
curl -k -u admin:SecretPassword https://wazuh.indexer:9200
{
  "name" : "wazuh.indexer",
  "cluster_name" : "wazuh-cluster",
  "cluster_uuid" : "eJIkHTB7SWGCO6LZrR3vVQ",
  "version" : {
    "number" : "7.10.2",
    "build_type" : "rpm",
    "build_hash" : "ac8f6e0114b657a116c4a41c3e12f8e0e181bbcd",
    "build_date" : "2025-11-08T11:55:34.225460336Z",
    "build_snapshot" : false,
    "lucene_version" : "9.12.2",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
```
Host/Environment (please complete the following information):
- Server base OS: Debian 12
- Docker version 29.1.3
- wazuh/wazuh-manager:4.14.1
- wazuh/wazuh-indexer:4.14.1
- wazuh/wazuh-dashboard:4.14.1
Can anyone help me solve this problem? Thank you!