Security

SSO, trustedIP and IPv6

lrhazi
Path Finder

On RedHat 6, I found that my SSO config would not work, with Apache on localhost acting as proxy.

The debug page would shoo:

Incoming request IP received by splunkweb ::1
Is the incoming request IP in splunkweb's list of trustedIPs? No. SSO will not be used to authenticate this request.

My trustedIP was set to: 127.0.0.1

I tried setting to: 127.0.0.1, ::1, but it did not seem to work.

After disabling IPv6, and rebooting the box, it started working, as the client now is 127.0.0.1.

Is there a different syntax for specifying a trustedIP if ::1 ?

Tags (2)

ithangasamy_spl
Splunk Employee
Splunk Employee

This is known to work in Splunk 5+. Please refer the attached image alt text
Both in the server.conf and web.conf for the trustedIP property you need to set
trustedIP=::1 NOT trustedIP=[::1] , if you do you would likely see following error in the splunkd.log

-04-2014 21:58:31.362 -0800 ERROR HTTPRestLogin - SSO failed - Given IP '::1' does not match trusted IP '[::1]'

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...