Security

SSO, trustedIP and IPv6

Path Finder

On RedHat 6, I found that my SSO config would not work, with Apache on localhost acting as proxy.

The debug page would shoo:

Incoming request IP received by splunkweb ::1
Is the incoming request IP in splunkweb's list of trustedIPs? No. SSO will not be used to authenticate this request.

My trustedIP was set to: 127.0.0.1

I tried setting to: 127.0.0.1, ::1, but it did not seem to work.

After disabling IPv6, and rebooting the box, it started working, as the client now is 127.0.0.1.

Is there a different syntax for specifying a trustedIP if ::1 ?

Tags (2)

Splunk Employee
Splunk Employee

This is known to work in Splunk 5+. Please refer the attached image alt text
Both in the server.conf and web.conf for the trustedIP property you need to set
trustedIP=::1 NOT trustedIP=[::1] , if you do you would likely see following error in the splunkd.log

-04-2014 21:58:31.362 -0800 ERROR HTTPRestLogin - SSO failed - Given IP '::1' does not match trusted IP '[::1]'

0 Karma