Security

Single Dashboard without authentication

FritzWittwer_ol
Contributor

We are using LDAP for all authentications, but now I have to provide one single dashboard, which is loaded via an URL which contains some parameters, e.g.

https://splunk.xxxx.yyy/en-US/app/my-app/dashboard_mydb?form.Job=<JobId>&form.Env=<EnvID>.

I can't use an embedded report as the variables change in each request. This URL is called from the app and displayed in an internal webbrowser. Only a limited List of IP addresses should be able to call this URL without any authentication. We already have an Apache web server in front of your search head to provide access via standard SSL Port 443 even though our splunkd is not running as root.

The only solution I currently see is to setup an additional Apache web server and operate it as a proxy just for the URL above. Our search head could then accept single sign on requests for this proxy as documented in http://docs.splunk.com/Documentation/Splunk/6.1.5/Security/ConfigureSplunkSSO and have SSOmode set to Permissive, so the other Apache still allows the normal logon.

Looks like a rather complex setup just for this single dashboard, has anyone another solution implemented?

0 Karma

trsavela
Path Finder

I have to provide reports w/o auth as well, my solution was to use the JS SDK and provide a simple web page the users can hit.

There are some great examples you can build off of.

http://dev.splunk.com/view/javascript-sdk/SP-CAAAECM

0 Karma
Get Updates on the Splunk Community!

Get Inspired! We’ve Got Validation that Your Hard Work is Paying Off

We love our Splunk Community and want you to feel inspired by all your hard work! Eric Fusilero, our VP of ...

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...