topic Re: authentication.conf multiple authType values in Security

authentication.conf multiple authType values

phemmer — Tue, 03 Sep 2013 17:42:54 GMT

I am wanting to set up multiple authentication types, both LDAP and scripted. I would thus need to somehow set multiple authType values in the authentication.conf. However from reading the documentation on authentication.conf, it does not indicate that this can be done. I just wanted to know if this is not possible, or if it's just not documented well.

Basically I want to use both LDAP and scripted authentication. LDAP will be used for normal users, but we have some system processes which use splunk, and I want them to be authenticated by a script. The hope is that splunk will first try to authenticate off one source, and if that fails, try the next one.

Worst case scenario I could move the LDAP authentication into the script so that it could then do both, but that's just ugly and I'm hoping to avoid it.

Re: authentication.conf multiple authType values

LukeMurphey — Wed, 04 Sep 2013 03:00:34 GMT

I came to the same conclusion as you: it doesn't appear to be possible.

Re: authentication.conf multiple authType values

phemmer — Fri, 06 Sep 2013 14:01:09 GMT

I ended up writing a script to do both. This actually turned out somewhat beneficial as I built the script to authenticate against PAM instead of LDAP. We use sssd for authentication, so this gives the benefit that if LDAP goes down, splunk will use the offline caching mechanism of sssd for authentication and users will still be able to log in.