Security

Why does setup.xml with encrypted credentials fail on re-run?

Engager

It's unclear to me how to allow users to change a stored password via setup.xml.

The "Setup page example with user credentials" (http://dev.splunk.com/view/SP-CAAAE9B#creds) works fine for initially configuring the app I'm developing; I can see that an entry gets created in /servicesNS/nobody/<appname>/storage/passwords.

However, upgrading the app ("Install app from file" / [x] Upgrade app) prompts me to enter Setup again after app upgrade. This time, the credential post fails with the error:

Encountered the following error while trying to update:
Error while posting to url=/servicesNS/nobody/<appname>/storage/passwords/

Meanwhile, splunkd.log displays the error:

SetupAdminHandler - Cannot find field='name' in url='/storage/passwords/_new/' setting value to empty string
SetupAdminHandler - Cannot find field='name' in url='/storage/passwords/_new/' setting value to empty string
SetupAdminHandler - Error while posting to url=/servicesNS/nobody/<appname>/storage/passwords/

I presume this is because a password has already been saved in the storage/passwords store, and my setup.xml block refers to the _new entity, i.e:

<block title="Script credentials" endpoint="storage/passwords" entity="_new">

I've seen suggestions about using a custom endpoint to accomplish this better, and advice that users should manually clear settings from local/passwords.conf files during an upgrade/before changing their username/password. The latter seems unideal (some users may not have filesystem access to their splunk instance), and the former feels like overkill.

What I'm basically looking for is "create or update" logic when using the storage/passwords endpoint. Is there a streamlined/best-practice way to accomplish this without having to implement this logic in conjunction with a custom endpoint? This feels like the type of thing that should be a pretty common occurrence, so I'm surprised that I haven't found anything in the documentation about it.

0 Karma

New Member

I got one solution here,

If you know username then create 'passwords.conf' in default directory containing,

[credential::user_name:]

and in setup.xml use entity "user_name" instead of "_new"

<block title="Public Key" endpoint="storage/passwords" entity="user_name*" mode="iter" eai_strict="false">
0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!