Solved: Re: Scripted Authentication

keerthana_k · ‎04-10-2014

Hi,

We are using scripted authentication in our application. We have implemented the authentication script with all the required methods. These are my settings in authentication.conf:

[authentication]
authType = Scripted
authSettings = script

[script]
scriptPath = "<path to my script>"
scriptSearchFilters = 1

# Cache results for 1 second per call
[cacheTiming]
userLoginTTL    = 1
getUserInfoTTL  = 1
getUsersTTL     = 1

When I monitor the script logs I am seeing that the getUsers() and getUserInfo() methods get called every 30 seconds even when no user is logged into the application. Can anyone please help me out with these methods and explain why are they being called even when no user is logged in. Am I missing something?

Thanks,

Keerthana

strive · ‎07-16-2014

This should give you full details

http://answers.splunk.com/answers/131453/need-help-in-understanding-scripted-authentication

View solution in original post

strive · ‎07-16-2014

This should give you full details

http://answers.splunk.com/answers/131453/need-help-in-understanding-scripted-authentication

LukeMurphey · ‎04-10-2014

I noticed the same thing when I wrote an app to perform authentication via RADIUS. In my case, I had my application cache the user info and only update the cache with the information from the server when the user logs in. That way, calls to getUserInfo() don't require a server call.

Scripted Authentication

Detecting Remote Code Executions With the Splunk Threat Research Team

Observability | Use Synthetic Monitoring for Website Metadata Verification

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk