Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

SSO setup problems

srichansen
Path Finder
‎01-24-2019 08:10 AM

Hi all,

we are trying to get SSO working through the SAML authentication method but are running into errors that we cant diagnose.

the most common error on login is the following in the splunkd logs.

01-24-2019 16:59:00.303 +0100 ERROR UserManagerPro - user="nobody" had no roles

01-24-2019 16:58:47.196 +0100 ERROR UiSAML - IDP failed to authenticate request. Status Code="Responder"

01-24-2019 16:58:47.196 +0100 ERROR UiSAML - IDP failed to authenticate request. Status Message="" Status Code="Responder"

   01-24-2019 16:58:47.196 +0100 ERROR Saml - No extra status code found in SamlResponse, Not a valid status. Could not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusMessage or no matching nodes foundNo value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusMessageCould not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusDetail/Cause or no matching nodes foundNo value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusDetail/Cause

From with the domain it seems to work fine, but externally we get the above.

Any tips to steer us in the right direction would be much apprectiated.

Kind regards
Simon

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

srichansen
Path Finder
‎02-11-2019 03:40 AM

Hi,

Thanks for the help.
I am going to close the ticket as i discovered what the problem was. The setup on the AD side was done by the client IT and a few steps were missed whereby the profiles were not linked to accounts.

Splunk was then getting empty user details and hence the errors.

thanks for looking.
regards
Simon

View solution in original post

0 Karma
Reply
Solved! Jump to solution

rajasekhar14
Path Finder
‎10-17-2019 08:39 AM

Can you please let me know what was missing on the ADFS side?

0 Karma
Reply
Solved! Jump to solution
Solution

srichansen
Path Finder
‎02-11-2019 03:40 AM

Hi,

Thanks for the help.
I am going to close the ticket as i discovered what the problem was. The setup on the AD side was done by the client IT and a few steps were missed whereby the profiles were not linked to accounts.

Splunk was then getting empty user details and hence the errors.

thanks for looking.
regards
Simon

0 Karma
Reply
Solved! Jump to solution

mydog8it
Builder
‎02-06-2019 03:45 PM

Looks like a certificate error between IDP and Splunk to me. Not really enough info to determine for sure.

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...