topic Re: insecurelogin fails in Alerting

insecurelogin fails

kmattern — Mon, 28 Sep 2020 11:37:54 GMT

I followed the instructions found in http://docs.splunk.com/Documentation/Splunk/latest/Developer/3rdParty to set up insecurelogin so that I can embed views in our web portal. I placed the following in web.conf:

[settings]

enable_insecure_login = true

My sample web page looks like this

 <html>

<head>
<meta HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">

<title ID=titletext>Splunk Test</title>
</head>

<body>

<h1>Splunk View Test</h1>

<iframe src="http://192.168.50.135:8000/en-US/account/insecurelogin?username=admin&password=changeme&return_to=/app/FMS/FMS_Test_Stats">
    Your browser does not support IFrames
</iframe>
</body>
</html>

I see the headline when I call the page but in Firefox I get this:

File not found

Firefox can't find the file at http://192.168.50.135:8000/en-US/account/insecurelogin?username=admin&password=changeme&return_to=/app/FMS/FMS.

Internet Explorer throws a message box with this:

Internet Explorer cannot download insecurelogin from 192.168.50.135
Internet Explorer was not able to open the Internet site. The requested site is either unavailable or cannot be found. Please try again later.

If I log directly into Splunk I can see the view. It is in advanced XML

Re: insecurelogin fails

MHibbin — Thu, 05 Apr 2012 15:19:43 GMT

What is the location of the web.conf file you modified? - I believe it has to be at the system level (i.e. $SPLUNK_HOME/etc/system/local/web.conf)

Did you restart Splunk? - I think you can just restart splunkweb, if you do not want a full restart (i.e. ./splunk restart splunkweb)

You should also include a size in the iframe (e.g. in the example... width="100%" height="300")

Regards,

MHibbin

Re: insecurelogin fails

kmattern — Thu, 05 Apr 2012 15:20:24 GMT

It is in etc/system/local

And I did stop and restart Splunk.

Re: insecurelogin fails

MHibbin — Thu, 05 Apr 2012 15:26:16 GMT

How about changing the "/" to "%2F" as in the docs

Forexample:

</p>

Re: insecurelogin fails

MHibbin — Thu, 05 Apr 2012 15:31:03 GMT

also are you still using the default admin password (i.e. "changeme").. I assume you are as that is what you have included in the url

Re: insecurelogin fails

kmattern — Thu, 05 Apr 2012 17:18:52 GMT

Been there done that. I've tried everything.

Re: insecurelogin fails

jt_splunk — Fri, 06 Apr 2012 10:26:00 GMT

What happens if you copy & paste your iframe link directly into your browser? If you have to "log in" (which you kind of imply at the end of your post) then your insecure login setup is wrong. There should be no login required with that link.

Re: insecurelogin fails

kmattern — Fri, 06 Apr 2012 13:01:08 GMT

It suddenly hit me! I checked web.conf and found a second instance of insecurelogin set to false. As soon as I removed that it worked.

Sometimes things are too simple.

Re: insecurelogin fails

urirosenberg — Thu, 20 Dec 2012 06:17:48 GMT

I have splunk running on MAC and web.conf file is in/Applications/splunk/etc/system/default/web.conf (not $SPLUNK_HOME/etc/system/local/web.con). local directory does not have a web.conf file.
In order to achieve the insecure login I ended up also updating "tools.sessions.secure = True" to False