Solved: Re: Splunk SSO with mod_auth_kerb

dmesler · ‎07-23-2010

I'm trying to enable SSO by proxying from Apache w/ mod_auth_kerb. The problems seems to be the contents of Remote-User include the @REALM. Is there some way to strip the realm from Remote-User in Apache or configure Splunk to ignore it?

dmesler · ‎07-26-2010

Upgrading mod_auth_kerb wasn't an option. Fortunately I had success adding this:

RequestHeader edit REMOTE_USER "@REALM$" ""

Thanks though.

View solution in original post

dmesler · ‎07-26-2010

Upgrading mod_auth_kerb wasn't an option. Fortunately I had success adding this:

RequestHeader edit REMOTE_USER "@REALM$" ""

Thanks though.

ziegfried · ‎07-26-2010

mod_auth_kerb >= 5.4 allows you to configure KrbLocalUserMapping On in your Apache configuration which will strip the realm part off the remote user sent to Splunk.

Splunk SSO with mod_auth_kerb

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

Announcing Modern Navigation: A New Era of Splunk User Experience

Casting Call: Compete in Cyber Games

Join the Conversation