Security

SSO mode permissive but 401 Unauthorized when accessing with an unknown user

gfyhser
Engager

Hello Everyone,

We are facing with an issue with our Splunk configuration : We have currently configured Splunk to accept connections in a permissive way (with SSOMode=permissive in the web.conf config file).
This actually works fine, and we are correctly redirected to the login page when accessing with a non trusted ip.
The problem is, when we are accessing with a trusted ip and a unknown user in splunk, it shows us an "Unauthorized" message, and rejects us with a 401.

Is there a way not to reject the connection, and instead show the login page is the user is unknown just as the non-trusted ip case ?

Thanks,

0 Karma
1 Solution

tmarlette
Motivator

Not really with SSO. You might be able to redirect to this page.

http://splunkweb:port/en-US/account/login/loginType=Splunk

View solution in original post

tmarlette
Motivator

Not really with SSO. You might be able to redirect to this page.

http://splunkweb:port/en-US/account/login/loginType=Splunk

gfyhser
Engager

Adding this to the web.conf solved the issue. Thanks

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...