Getting Data In
Highlighted

Splunk SSO with mod_auth_kerb

Explorer

I'm trying to enable SSO by proxying from Apache w/ mod_auth_kerb. The problems seems to be the contents of Remote-User include the @REALM. Is there some way to strip the realm from Remote-User in Apache or configure Splunk to ignore it?

Tags (2)
Highlighted

Re: Splunk SSO with mod_auth_kerb

Influencer

mod_auth_kerb >= 5.4 allows you to configure KrbLocalUserMapping On in your Apache configuration which will strip the realm part off the remote user sent to Splunk.

Highlighted

Re: Splunk SSO with mod_auth_kerb

Explorer

Upgrading mod_auth_kerb wasn't an option. Fortunately I had success adding this:

RequestHeader edit REMOTE_USER "@REALM$" ""

Thanks though.

View solution in original post