
[BUG] Annoying warning message "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'" still not fixed #4054

@ComBin


What is the bug?
With a basic+SAML security configuration, every user login generates a lot of WARN messages in the logs:

[2024-02-16T11:24:43,253][WARN ][o.o.s.h.HTTPBasicAuthenticator] [elk-h01.test.logs.infra.rbc.ru] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2024-02-16T11:24:43,261][WARN ][o.o.s.h.HTTPBasicAuthenticator] [elk-h01.test.logs.infra.rbc.ru] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2024-02-16T11:24:43,368][WARN ][o.o.s.h.HTTPBasicAuthenticator] [elk-h01.test.logs.infra.rbc.ru] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'
[2024-02-16T11:24:43,374][WARN ][o.o.s.h.HTTPBasicAuthenticator] [elk-h01.test.logs.infra.rbc.ru] No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'

This complicates debugging, takes up extra disk space, etc.

How can one reproduce the bug?
Steps to reproduce the behavior:

  1. Take some ADFS server
  2. Create a security config like this:
---
_meta:
  type: config
  config_version: 2
config:
  dynamic:
    kibana:
      server_username: opensearch_dashboards
      index: ".kibana"
    authc:
      basic_internal_auth_domain:
        description: Authenticate via HTTP Basic against internal users database
        http_enabled: true
        transport_enabled: true
        order: 1
        http_authenticator:
          type: basic
          challenge: false
        authentication_backend:
          type: intern
      saml_auth_domain:
        http_enabled: true
        transport_enabled: false
        order: 2
        http_authenticator:
          type: saml
          challenge: true
          config:
            idp:
              metadata_url: <metadata_url>
              entity_id: <entity_id>
            sp:
              entity_id: <entity_id>
            kibana_url: <kibana_url>
            roles_key: roles
            exchange_key: <some_key>
        authentication_backend:
          type: noop
  3. Log in as an ADFS user
  4. See the log file on the OpenSearch node

What is the expected behavior?
This log message should be seen only at TRACE/DEBUG level.

What is your host/environment?

  • OS: CentOS Linux release 7.8.2003
  • Version opensearch-2.11.1-1.x86_64
  • Plugins: default

Do you have any screenshots?
No

Do you have any additional context?
This problem was marked as resolved in #3273, but:

  1. The fix changed the message "No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'", but the problematic message is "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'"
  2. It was fixed in the class BackendRegistry, but the problematic message is produced by the o.o.s.h.HTTPBasicAuthenticator class.

Also, I found the problematic message:

log.warn("No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'");
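
An added example, not part of the original issue or of the OpenSearch project's code: a log triage filter for the situation reported above. It drops the basic-challenge WARN lines while debugging and keeps a per-node, per-second count so the login activity stays visible. The function name `triage`, the node name `node-1` and all sample lines are constructed for illustration; only the logger name and message text are taken from the issue.

```python
import re
from collections import Counter

# Logger and message text exactly as quoted in the issue.
NOISE_LOGGER = "o.o.s.h.HTTPBasicAuthenticator"
NOISE_MSG = "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'"

# Layout of the log lines shown in the issue:
# [timestamp][LEVEL ][logger] [node] message
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\[(?P<level>[A-Z]+)\s*\]\[(?P<logger>[^\]]+)\]\s*"
    r"\[(?P<node>[^\]]+)\]\s(?P<msg>.*)$"
)

def triage(lines):
    """Return (kept_lines, suppressed); suppressed counts noise per (node, second)."""
    kept, suppressed = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if (m and m["level"] == "WARN" and m["logger"] == NOISE_LOGGER
                and m["msg"].strip() == NOISE_MSG):
            # "2024-02-16T11:24:43,253" -> "2024-02-16T11:24:43"
            suppressed[(m["node"], m["ts"].split(",")[0])] += 1
        else:
            # Other loggers and unparsed continuation lines are always kept.
            kept.append(line)
    return kept, suppressed

# Constructed sample input (hypothetical node, user and address).
_PREFIX = "[WARN ][o.o.s.h.HTTPBasicAuthenticator] [node-1] "
SAMPLE = [
    "[2024-02-16T11:24:43,253]" + _PREFIX + NOISE_MSG,
    "[2024-02-16T11:24:43,261]" + _PREFIX + NOISE_MSG,
    "[2024-02-16T11:24:43,300][WARN ][o.o.s.a.BackendRegistry] [node-1] "
    "Authentication finally failed for demo_user from 192.0.2.10:51234",
    "[2024-02-16T11:24:44,010]" + _PREFIX + NOISE_MSG,
    "    constructed continuation line without a log header",
]

if __name__ == "__main__":
    kept, suppressed = triage(SAMPLE)
    for line in kept:
        print(line)
    for (node, second), count in sorted(suppressed.items()):
        print(f"# suppressed {count} basic-challenge WARN line(s) on {node} at {second}")
```

The match is on the exact logger and message, so WARN entries from other authenticators or from `BackendRegistry` pass through untouched.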

Labels: bug (Something isn't working), triaged (Issues labeled as 'Triaged' have been reviewed and are deemed actionable.)
