Splunk Dev

Splunk behind proxy - returning wrong context path with 303

splunkears
Path Finder

Hello:

My instance is running behind a proxy with root end point as - say /mysplunkapp
The configurations are done in web.conf file correctly to reflect the root context path to /mysplunkapp

The problem is while login into splunk. From the firebug, we see that there is 303 - "See Other" firing up.
With this, the context path is lost and the proxy web server is not able to understand where to redirect the request to.
Hence, users getting lost ( redirected to some other page on the proxy) . This happens, on and off. Specifically, for sure for the first time login into Splunk.

I looked into the Splunk python code. But, could not locate where the login is handled. Though I see login.html where FORM based auth is taken care.. I could not see the real issue in the code. I suspect its around redirect and return_to variable.

In simple terms, whats expected is, after login into Splunk, the response should have the path as "/mysplunkapp"
but, what is redirected is just root "/".
Hence proxy is not able to understand where to redirect to?

Any idea how to address this?

thanks..

0 Karma
1 Solution

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

View solution in original post

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...