Security

Java SDK : Can't create a role with a default app

manur
Explorer

I have a role called accessadmin, with capabilities edit_roles and edit_user.

When I try to use it to create another role with a default app, I get an error. Here's the Java code :

Role createdRole = service.getRoles().create("someRole");
createdRole.setImportedRoles(parentRole);
createdRole.setSearchFilter(searchFilter);
createdRole.setDefaultApp(defaultApp);
createdRole.update();

And the error message :

com.splunk.HttpException: HTTP 403 -- User 'accessadmin' with roles { accessadmin } cannot write: /nobody/user-prefs/user-prefs/role_someRole { read : [ * ], write : [ admin ] }, removable: no

Crucially, there is no error if I create the same role without specifying a default app.

I'm using Splunk 6.3.2 in a docker container.

0 Karma

gyslainlatsa
Motivator

hi,

par example, To make the Search app the default landing app for a user:

1. Create a file called user-prefs.conf in the user's local directory:
etc/users/<user>/user-prefs/local/user-prefs.conf
       · For the admin user the file would be in:
           etc/users/admin/user-prefs/local/user-prefs.conf
        · For the test user, it would be in:
           etc/users/test/user-prefs/local/user-prefs.conf
2. Put the following line in the user-prefs.conf file:
default_namespace = search

or following this link:
http://docs.splunk.com/Documentation/Splunk/6.3.2/Admin/ConfigureSplunktoopeninanapp

0 Karma

manur
Explorer

Thank you gyslainlatsa, but I tried your advice unsuccessfuly and anyway it doesn't seem to be related to my problem. What fails is the call to create/update the role while giving it a default app.

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...