drop IAE as it may not actually be client error but rather internal ne

slobodanadamovic · slobodanadamovic · commit 70375330a30d · 2025-04-01T16:12:51.000+02:00
diff --git a/x-pack/plugin/security/qa/security-trial/src/javaRestTest/java/org/elasticsearch/xpack/security/failurestore/FailureStoreSecurityRestIT.java b/x-pack/plugin/security/qa/security-trial/src/javaRestTest/java/org/elasticsearch/xpack/security/failurestore/FailureStoreSecurityRestIT.java
@@ -1801,12 +1801,7 @@ public void testWriteOperations() throws IOException {
         expectThrows(() -> deleteDataStream(MANAGE_FAILURE_STORE_ACCESS, dataIndexName), 403);
 
         expectThrows(() -> deleteDataStream(MANAGE_FAILURE_STORE_ACCESS, "test1"), 403);
-        // delete API does not allow selectors
-        expectThrows(
-            () -> deleteDataStream(MANAGE_FAILURE_STORE_ACCESS, "test1::failures"),
-            400,
-            "Index component selectors are not supported in this context but found selector in expression [test1::failures]"
-        );
+        expectThrows(() -> deleteDataStream(MANAGE_FAILURE_STORE_ACCESS, "test1::failures"), 403);
 
         // manage user can delete data stream
         deleteDataStream(MANAGE_ACCESS, "test1");
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
@@ -503,9 +503,16 @@ private void authorizeAction(
                                 indicesAndAliasesResolver.resolve(action, request, projectMetadata, authorizedIndices)
                             ),
                             e -> {
-                                if (e instanceof IndexNotFoundException
-                                    || e instanceof InvalidIndexNameException
-                                    || e instanceof IllegalArgumentException) {
+                                if (e instanceof IndexNotFoundException || e instanceof InvalidIndexNameException) {
+                                    logger.debug(
+                                        () -> Strings.format(
+                                            "failed [%s] action authorization for [%s] due [%s] exception",
+                                            action,
+                                            authentication,
+                                            e.getClass().getSimpleName()
+                                        ),
+                                        e
+                                    );
                                     listener.onFailure(e);
                                 } else {
                                     auditTrail.accessDenied(requestId, authentication, action, request, authzInfo);
