- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Splunk behind proxy - returning wrong context path...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello:
My instance is running behind a proxy with root end point as - say /mysplunkapp
The configurations are done in web.conf file correctly to reflect the root context path to /mysplunkapp
The problem is while login into splunk. From the firebug, we see that there is 303 - "See Other" firing up.
With this, the context path is lost and the proxy web server is not able to understand where to redirect the request to.
Hence, users getting lost ( redirected to some other page on the proxy) . This happens, on and off. Specifically, for sure for the first time login into Splunk.
I looked into the Splunk python code. But, could not locate where the login is handled. Though I see login.html where FORM based auth is taken care.. I could not see the real issue in the code. I suspect its around redirect and return_to variable.
In simple terms, whats expected is, after login into Splunk, the response should have the path as "/mysplunkapp"
but, what is redirected is just root "/".
Hence proxy is not able to understand where to redirect to?
Any idea how to address this?
thanks..
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method
This works for me.
File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py
@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):
#FIX (1) line below
return_to = '/mysplunkapp/en-US/' <<===
# Force a refresh of startup info so that we know to
# redirect if license stuff has expired.
startup.initVersionInfo(force=True)
updateCheckerBaseURL = self.getUpdateCheckerBaseURL()
ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method
This works for me.
File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py
@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):
#FIX (1) line below
return_to = '/mysplunkapp/en-US/' <<===
# Force a refresh of startup info so that we know to
# redirect if license stuff has expired.
startup.initVersionInfo(force=True)
updateCheckerBaseURL = self.getUpdateCheckerBaseURL()
ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.
More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk
.conf24 | Personalize your .conf experience with Learning Paths!
Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...
