Ignoring setting because the IdP metadata is being loaded from a file – How to solve this Elasticsearch error

Opster Team

Aug-23, Version: 6.8-7.15

Before you dig into reading this guide, have you tried asking OpsGPT what this log means? You’ll receive a customized analysis of your log.

Try OpsGPT now for step-by-step guidance and tailored insights into your Elasticsearch operation.

Briefly, this error occurs when Elasticsearch’s Security feature is configured to use SAML authentication, and the Identity Provider (IdP) metadata is being loaded from a file. The system is ignoring a certain setting because it’s not needed when loading metadata from a file. To resolve this, ensure that the settings in your SAML configuration are correct. If a setting is not required because you’re loading from a file, you can remove it to avoid this warning. Alternatively, if you need the ignored setting, consider loading your IdP metadata from a URL instead.

For a complete solution to your to your search operation, try for free AutoOps for Elasticsearch & OpenSearch . With AutoOps and Opster’s proactive support, you don’t have to worry about your search operation – we take charge of it. Get improved performance & stability with less hardware.

This guide will help you check for common problems that cause the log ” Ignoring setting [{}] because the IdP metadata is being loaded from a file ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin, metadata.

Log Context

Log “Ignoring setting [{}] because the IdP metadata is being loaded from a file” classname is SamlRealm.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

        final String entityId = require(config; IDP_ENTITY_ID);
        final Path path = config.env().configFile().resolve(metadataPath);
        final FilesystemMetadataResolver resolver = new FilesystemMetadataResolver(path.toFile());

        if (config.hasSetting(IDP_METADATA_HTTP_REFRESH)) {
            logger.info("Ignoring setting [{}] because the IdP metadata is being loaded from a file";
                    RealmSettings.getFullSettingKey(config; IDP_METADATA_HTTP_REFRESH));

        // We don't want to rely on the internal OpenSAML refresh timer; but we can't turn it off; so just set it to run once a day.
        // @TODO : Submit a patch to OpenSAML to optionally disable the timer


How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Get expert answers on Elasticsearch/OpenSearch