On RedHat 6, I found that my SSO config would not work, with Apache on localhost acting as proxy.
The debug page would shoo:
Incoming request IP received by splunkweb ::1
Is the incoming request IP in splunkweb's list of trustedIPs? No. SSO will not be used to authenticate this request.
My trustedIP was set to: 127.0.0.1
I tried setting to: 127.0.0.1, ::1, but it did not seem to work.
After disabling IPv6, and rebooting the box, it started working, as the client now is 127.0.0.1.
Is there a different syntax for specifying a trustedIP if ::1 ?
This is known to work in Splunk 5+. Please refer the attached image
Both in the server.conf and web.conf for the trustedIP property you need to set
trustedIP=::1 NOT trustedIP=[::1] , if you do you would likely see following error in the splunkd.log
-04-2014 21:58:31.362 -0800 ERROR HTTPRestLogin - SSO failed - Given IP '::1' does not match trusted IP '[::1]'