topic Re: Splunk with SAML authentication in Security

Splunk with SAML authentication

splunkgk — Tue, 09 May 2017 05:17:18 GMT

Hi,

I am configuring Splunk access control with SAML onelogin and I have uploaded the onelogin IdP meta data file to splunk. After configuration splunk app is redirecting to onelogin login page. But getting a message like

"Federation Exception: Missing Assertion Consumer Service URL. Please contact your administrator."
Does any one know how do i get Consumer URL for splunk ?

-thanks

Re: Splunk with SAML authentication

suarezry — Tue, 09 May 2017 15:33:33 GMT

It's in your splunk SP metadata:
https://yoursplunk.yourfqdn.ca:8000/saml/spmetadata

Look for the following tag:

<md:AssertionConsumerService  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"  Location="https://yoursplunk.yourdomain.ca/saml/acs"  index="0">

Re: Splunk with SAML authentication

aaron_gibby — Fri, 09 Oct 2020 17:35:01 GMT

Is the AuthNRequest signed? For some reason, Splunk does not include the ACS URL in unsigned assertions.

In your authentication.conf file, set the following attribute:

[<saml-authSettings-key>]
signAuthnRequest = true