Security

SSO, trustedIP and IPv6

lrhazi
Path Finder

On RedHat 6, I found that my SSO config would not work, with Apache on localhost acting as proxy.

The debug page would shoo:

Incoming request IP received by splunkweb ::1
Is the incoming request IP in splunkweb's list of trustedIPs? No. SSO will not be used to authenticate this request.

My trustedIP was set to: 127.0.0.1

I tried setting to: 127.0.0.1, ::1, but it did not seem to work.

After disabling IPv6, and rebooting the box, it started working, as the client now is 127.0.0.1.

Is there a different syntax for specifying a trustedIP if ::1 ?

Tags (2)

ithangasamy_spl
Splunk Employee
Splunk Employee

This is known to work in Splunk 5+. Please refer the attached image alt text
Both in the server.conf and web.conf for the trustedIP property you need to set
trustedIP=::1 NOT trustedIP=[::1] , if you do you would likely see following error in the splunkd.log

-04-2014 21:58:31.362 -0800 ERROR HTTPRestLogin - SSO failed - Given IP '::1' does not match trusted IP '[::1]'

0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...