https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75438#M181366 <P>well nothing is passed in as arguments (just what you'd expect like ["<SPLUNK_HOME>\bin\runScript.py", "execute"]), and there's nothing useful in os.environ either. I forgot to mention that there <EM>is</EM> a promising looking constant "splunk.admin.CONTEXT_APP_AND_USER" that you can pass into splunk.admin.init(), but it seems to have no effect.</SPLUNK_HOME></P> Mon, 28 Sep 2020 09:19:43 GMT sideview 2020-09-28T09:19:43Z https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75436#M181364 <P>My problem seems very similar to <A href="http://answers.splunk.com/questions/4175/redirects-before-and-after-our-apps-setup-xml-with-a-custom-eai-endpoint-is-sh" rel="nofollow">http://answers.splunk.com/questions/4175/redirects-before-and-after-our-apps-setup-xml-with-a-custom-eai-endpoint-is-sh</A></P> <P>but either its not the same thing or that thing wasnt fixed in 4.1.5 (because im using 4.1.5)</P> <P>I have my setup.xml posting to my custom endpoint, and all is well. </P> <P>But from that endpoint I dont have any user context. Specifically when I call <CODE>splunk.auth.getCurrentUser()</CODE>, i get back a placeholder user whose name is 'UNDEFINED_USER', whereas I'd expect to get back the user currently logged into SplunkWeb. </P> <P>And obviously if i make namespaced EAI calls with that null user I cant do much with them cause he doesnt exist. <span class="lia-unicode-emoji" title=":grinning_face_with_big_eyes:">😃</span></P> <P>and for troubleshooting purposes, if i throw the following line in there, </P> <P><CODE>hackSessionKey = splunk.auth.getSessionKey("admin", "changeme")</CODE></P> <P>then I do indeed get admin's user context and everything works fine, but of course that is not a solution.</P> <P>So can anyone tell me how to get the proper user context from here? Thanks in advance.</P> Fri, 22 Oct 2010 07:06:54 GMT https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75436#M181364 sideview 2010-10-22T07:06:54Z https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75437#M181365 <P>AFAIK, fixing the app context in the other issue linked above was easy because app context can be deduced from the URL. This makes the solution easy-- just make sure all app setups are sent (or redirected) to a URL for that app. </P> <P>The user, however, is stored in a cherrypy session variable instead of the URL, so you're dependent on having it passed from Splunkweb down to splunkd and then passed again from splunkd to your EAI python handler. I assume that one of those handoffs is not happening, or isn't happening as you'd expect. </P> <P>If I were trying to debug this, I'd suggest setting a breakpoint inside admin.init (the first method run in your EAI handler) and looking at all the info that splunkd is passing in as arguments and/or environment variables. </P> <P>If the username is in there, then figure out a way to suck it out. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>If the username isn't there, then I'd consider filing a support request on this since it sounds like something we may not currently support. </P> Sat, 23 Oct 2010 02:05:28 GMT https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75437#M181365 Justin_Grant 2010-10-23T02:05:28Z https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75438#M181366 <P>well nothing is passed in as arguments (just what you'd expect like ["<SPLUNK_HOME>\bin\runScript.py", "execute"]), and there's nothing useful in os.environ either. I forgot to mention that there <EM>is</EM> a promising looking constant "splunk.admin.CONTEXT_APP_AND_USER" that you can pass into splunk.admin.init(), but it seems to have no effect.</SPLUNK_HOME></P> Mon, 28 Sep 2020 09:19:43 GMT https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75438#M181366 sideview 2020-09-28T09:19:43Z https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75439#M181367 <P>The solution was actually a headslapper. Custom rest endpoints extend MConfigHandler, and in that file there is a method <CODE>getSessionKey()</CODE>. I think the setup endpoints I had been studying did filesystem operations only so they had never called it. </P> <P>Anyway, one might make the assumption that the python would inherit the authenticated session automatically but you have to actually call <CODE>getSessionKey()</CODE> or everything else will be dead in the water. </P> <P>I had tried <CODE>splunk.getDefault("sessionKey")</CODE>, and I had read all through the other EAI python and through the API docs, but the answer was right there in MConfigHandler. Get a session key explicitly and suddenly ye shall be authenticated, and can make authenticated and properly-namespaced calls, and you can call </P> <P><CODE>splunk.auth.getCurrentUser()</CODE> </P> <P>and all manner of sensible things. </P> <P>This is the answer because without that all you can really do is simplistic writeConf calls:</P> <P><CODE>self.writeConf(confFileName, stanzaName, keyDictionary)</CODE> </P> <P>But with a sessionKey you get a user context and you can can then use any endpoint in the EAI system, for example: </P> <P><CODE>en.getEntities('data/inputs/monitor/_reload', sessionKey = self.getSessionKey())</CODE></P> <P>which is very nice. </P> Tue, 26 Oct 2010 01:58:04 GMT https://community.splunk.com/t5/Splunk-Search/When-posting-setup-xml-data-to-a-custom-endpoint-is-it-possible/m-p/75439#M181367 sideview 2010-10-26T01:58:04Z