Solved: SSO mode permissive but 401 Unauthorized when acce...

gfyhser · ‎11-20-2017

Hello Everyone,

We are facing with an issue with our Splunk configuration : We have currently configured Splunk to accept connections in a permissive way (with SSOMode=permissive in the web.conf config file).
This actually works fine, and we are correctly redirected to the login page when accessing with a non trusted ip.
The problem is, when we are accessing with a trusted ip and a unknown user in splunk, it shows us an "Unauthorized" message, and rejects us with a 401.

Is there a way not to reject the connection, and instead show the login page is the user is unknown just as the non-trusted ip case ?

Thanks,

tmarlette · ‎11-20-2017

Not really with SSO. You might be able to redirect to this page.

http://splunkweb:port/en-US/account/login/loginType=Splunk

View solution in original post

tmarlette · ‎11-20-2017

Not really with SSO. You might be able to redirect to this page.

http://splunkweb:port/en-US/account/login/loginType=Splunk

gfyhser · ‎11-22-2017

Adding this to the web.conf solved the issue. Thanks

SSO mode permissive but 401 Unauthorized when accessing with an unknown user

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes