Developing for Splunk Enterprise

Splunk behind proxy - returning wrong context path with 303

splunkears
Path Finder

Hello:

My instance is running behind a proxy with root end point as - say /mysplunkapp
The configurations are done in web.conf file correctly to reflect the root context path to /mysplunkapp

The problem is while login into splunk. From the firebug, we see that there is 303 - "See Other" firing up.
With this, the context path is lost and the proxy web server is not able to understand where to redirect the request to.
Hence, users getting lost ( redirected to some other page on the proxy) . This happens, on and off. Specifically, for sure for the first time login into Splunk.

I looked into the Splunk python code. But, could not locate where the login is handled. Though I see login.html where FORM based auth is taken care.. I could not see the real issue in the code. I suspect its around redirect and return_to variable.

In simple terms, whats expected is, after login into Splunk, the response should have the path as "/mysplunkapp"
but, what is redirected is just root "/".
Hence proxy is not able to understand where to redirect to?

Any idea how to address this?

thanks..

0 Karma
1 Solution

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

View solution in original post

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

View solution in original post


Tune In & Win!

Don't miss out on your
chance to take home free
prizes by helping our players
save the Splunk Cloudom!

Dungeons & Data
Monsters: Splunk O11y
Day Editions Games
stream live:
5/4 at 6:30pm PST
5/5 at 7:00pm PST
on