Deployment Architecture

what changes are there to scripted auth from 3.4.x to 4.1?

Path Finder

Are there are any critical changes to be aware of when migrating a complex distributed scripted auth setup on 3.4.x to 4.1?

For example:

  • Do we still need the auth script on both the search heads and search/indexer boxes?
  • If so does the user and password get sent from the search head to all the nodes?
  • Any changes to auth caching from 3.X?
Tags (2)
1 Solution

Splunk Employee
Splunk Employee

Authentication changed between 3.4 and 4.0, and even more between 4.0 and 4.1:

  • No you don't need it on both, just on the search head.
  • Passwords are not sent.
  • I'm not sure what you specifically mean by "auth caching". If you mean the need to "reload auth" of a user when groups memberships have changed in the external source, then this has changed for LDAP and is now reloaded for each user when they log in. However, I do not know if it has changed for scripted authentication, but I suspect not.

View solution in original post

Splunk Employee
Splunk Employee

Authentication changed between 3.4 and 4.0, and even more between 4.0 and 4.1:

  • No you don't need it on both, just on the search head.
  • Passwords are not sent.
  • I'm not sure what you specifically mean by "auth caching". If you mean the need to "reload auth" of a user when groups memberships have changed in the external source, then this has changed for LDAP and is now reloaded for each user when they log in. However, I do not know if it has changed for scripted authentication, but I suspect not.

View solution in original post

Splunk Employee
Splunk Employee

Auth cacheing meant that we cached the answer to the question "is this a valid user" or "is this user an admin" and suchlike for x seconds, so that we didn't run the script hundreds of times a second, or whatever silliness.

0 Karma

Path Finder

So the first thing I see so far is that search filters seem to have changed. Sadly on 4.1 so far setting scriptSearchFilters=1 in my auth config does not seem to fix it...

0 Karma