I've just set up scripted authentication with Atlassian Crowd from our Splunk Dev server, and had it working until I did a Splunk restart, when it suddenly stopped working. From the logs it seems like Splunk can't run the command anymore, after the restart.
02-15-2018 10:37:51.302 +0100 ERROR AuthenticationManagerScripted - Function 'userLogin' failed: Invocation of script '"/opt/splunk/bin/splunk cmd python" "/opt/splunk/bin/crowd-login.py"' failed
02-15-2018 10:37:51.302 +0100 ERROR ScriptRunner - Couldn't start child process. script="/opt/splunk/bin/splunk cmd python /opt/splunk/bin/crowd-login.py userLogin"
02-15-2018 10:37:51.300 +0100 DEBUG AuthenticationManagerScripted - Calling script '"/opt/splunk/bin/splunk cmd python" "/opt/splunk/bin/crowd-login.py" userLogin' (login arguments omitted)
All configured files are the same, with the same permissions as before. The only thing done from one state to the next was the splunk restart command.
Any help is appreciated.
$SPLUNK_HOME/etc/system/local/authentication.conf
[authentication]
authType = Scripted
authSettings = script
[script]
scriptPath = "/opt/splunk/bin/splunk cmd python" "/opt/splunk/bin/crowd-login.py" # this command works from the CLI
# Cache results for different times per function
[cacheTiming]
userLoginTTL = 10s
getUserInfoTTL = 1m
getUsersTTL = 2m
crowd-login.py
was collected from https://github.com/planettelex/splunk-crowd-auth
Found the issue. In crowd-login.py
the first line defined another python environment which messed everything up.
Removed the first line #!/usr/bin/env python
and everything works as expected.
Also updated authentication.conf with
[script]
scriptPath = /opt/splunk/bin/python /opt/splunk/bin/crowd-login.py
Found the issue. In crowd-login.py
the first line defined another python environment which messed everything up.
Removed the first line #!/usr/bin/env python
and everything works as expected.
Also updated authentication.conf with
[script]
scriptPath = /opt/splunk/bin/python /opt/splunk/bin/crowd-login.py
@thilleso : Could you please let me know how scripted authentication takes input ,username and password from login page?
I need to do some custom authentication which required inputs should take from login page and then do call a REST API to validate credential.
This is my question in Splunk answer,hope your answer or comment will help me to build a script.
https://answers.splunk.com/answers/616517/splunk-scripted-authentication-with-servicenow.html
It takes the intput arguments from the standard weblogin page args[USERNAME]
and args['password']
Se more details in $SPLUNK_HOME/share/splunk/authScriptSamples/dumbScripted.py
Thanks @thilleso