elastic · slobodanadamovic · Apr 6, 2025 · Apr 1, 2025 · Apr 1, 2025 · Apr 1, 2025
diff --git a/...rg/elasticsearch/xpack/remotecluster/AbstractRemoteClusterSecurityFailureStoreRestIT.java b/...rg/elasticsearch/xpack/remotecluster/AbstractRemoteClusterSecurityFailureStoreRestIT.java
@@ -170,7 +170,7 @@ protected Tuple<String, String> getSingleDataAndFailureIndices(String dataStream
     }
 
     protected static void assertSelectorsNotSupported(ResponseException exception) {
-        assertThat(exception.getResponse().getStatusLine().getStatusCode(), equalTo(403));
+        assertThat(exception.getResponse().getStatusLine().getStatusCode(), equalTo(400));
         assertThat(exception.getMessage(), containsString("Selectors are not yet supported on remote cluster patterns"));
     }
 

diff --git a/...stTest/java/org/elasticsearch/xpack/security/failurestore/FailureStoreSecurityRestIT.java b/...stTest/java/org/elasticsearch/xpack/security/failurestore/FailureStoreSecurityRestIT.java
@@ -2255,6 +2255,12 @@ private static void expectThrows(ThrowingRunnable runnable, int statusCode) {
         assertThat(ex.getResponse().getStatusLine().getStatusCode(), equalTo(statusCode));
     }
 
+    private static void expectThrows(ThrowingRunnable runnable, int statusCode, String errorMessage) {
+        var ex = expectThrows(ResponseException.class, runnable);
+        assertThat(ex.getResponse().getStatusLine().getStatusCode(), equalTo(statusCode));
+        assertThat(ex.getMessage(), containsString(errorMessage));
+    }
+
     private void expectThrows(String user, Search search, int statusCode) {
         expectThrows(() -> performRequest(user, search.toSearchRequest()), statusCode);
         expectThrows(() -> performRequest(user, search.toAsyncSearchRequest()), statusCode);

diff --git a/...n/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java b/...n/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
@@ -44,6 +44,7 @@
 import org.elasticsearch.core.Nullable;
 import org.elasticsearch.core.Tuple;
 import org.elasticsearch.index.IndexNotFoundException;
+import org.elasticsearch.indices.InvalidIndexNameException;
 import org.elasticsearch.license.XPackLicenseState;
 import org.elasticsearch.threadpool.ThreadPool;
 import org.elasticsearch.transport.TransportActionProxy;
@@ -502,6 +503,19 @@ private void authorizeAction(
                                 indicesAndAliasesResolver.resolve(action, request, projectMetadata, authorizedIndices)
                             ),
                             e -> {
+                                if (e instanceof InvalidIndexNameException) {
+                                    logger.debug(
+                                        () -> Strings.format(
+                                            "failed [%s] action authorization for [%s] due [%s] exception",
+                                            action,
+                                            authentication,
+                                            e.getClass().getSimpleName()
+                                        ),
+                                        e
+                                    );
+                                    listener.onFailure(e);
+                                    return;
+                                }
                                 auditTrail.accessDenied(requestId, authentication, action, request, authzInfo);
                                 if (e instanceof IndexNotFoundException) {
                                     listener.onFailure(e);