Security

SSO, trustedIP and IPv6

lrhazi
Path Finder

On RedHat 6, I found that my SSO config would not work, with Apache on localhost acting as proxy.

The debug page would shoo:

Incoming request IP received by splunkweb ::1
Is the incoming request IP in splunkweb's list of trustedIPs? No. SSO will not be used to authenticate this request.

My trustedIP was set to: 127.0.0.1

I tried setting to: 127.0.0.1, ::1, but it did not seem to work.

After disabling IPv6, and rebooting the box, it started working, as the client now is 127.0.0.1.

Is there a different syntax for specifying a trustedIP if ::1 ?

Tags (2)

ithangasamy_spl
Splunk Employee
Splunk Employee

This is known to work in Splunk 5+. Please refer the attached image alt text
Both in the server.conf and web.conf for the trustedIP property you need to set
trustedIP=::1 NOT trustedIP=[::1] , if you do you would likely see following error in the splunkd.log

-04-2014 21:58:31.362 -0800 ERROR HTTPRestLogin - SSO failed - Given IP '::1' does not match trusted IP '[::1]'

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...