Security

Integration with Deepnet Two Factor authtentication using SAML

ramesh_babu71
Path Finder

Hello All,

We are unable to integrate Splunk 6.5.2 with Deepnet 2FA using SAML. When I access the Splunk login page then it is perfectly redirected to IDP login page then after provided the user credentials this error page gets displayed. The error says The saml response does not contain group information.

Authentication.conf

[authentication]
authSettings = saml
authType = SAML

[roleMap_SAML]
admin = deepnetgroup;

[saml]
entityId = splunkEntityId
fqdn = http://rhel7
idpCertPath = /opt/splunk/etc/auth/SSOServer.crt
idpSLOUrl = https://dualshield.wipro.com:8074/appsso/logout?DASApplicationName=Splunk WebSSO
idpSSOUrl = https://dualshield.wipro.com:8074/appsso/login?DASApplicationName=Splunk WebSSO

issuerId = https://dualshield.wipro.com:8074

redirectPort = 8000
signAuthnRequest = true
signatureAlgorithm = RSA-SHA1
signedAssertion = true
sloBinding = HTTPRedirect

sslKeysfile = /opt/splunk/etc/auth/server.pem

clientCert = /opt/splunk/etc/auth/server.pem

sslKeysfilePassword = $1$3umknA8lnEHb

sslPassword = $1$3umknA8lnEHb
ssoBinding = HTTPRedirect

Tags (2)
0 Karma

ramesh_babu71
Path Finder

Hi All,

I contacted Deepnet support (Vendor). They assisted us with this.

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Please share the resolution.

---
If this reply helps you, Karma would be appreciated.
0 Karma

ramesh_babu71
Path Finder

Hi Rich,

Deepnet has published full steps of integration in their wiki page

http://wiki.deepnetsecurity.com/pages/viewpage.action?pageId=2818969

0 Karma

suarezry
Builder

Use this browser tool to trace your SAML response:
https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/

Did your IdP include the role information in the response?

(...and your role name 'deepnetgroup;' includes a semicolon. Is this by design?)

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Think Like an Architect: Introducing the Splunk Certified Cybersecurity Defense ...

In cybersecurity, defenders respond to threats. Architects design the systems that stop them.    As ...

Best Practices: Splunk auto adjust pipeline queue

When you enable autoAdjustQueue in Splunk, maxSize should be understood as the queue size Splunk starts with ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...