Security

Why does the embedding no longer works if the user is logged in after 7.0 upgrade?

eugenek
Path Finder

Since upgrading to Splunk 7.0.2, embedded reports show up as blank if the user is logged in to the search head from which the report is served.

Using browser's developer tools, when the user is logged in, I can see that a 403 error is returned from a call to:
/splunkd/__raw/servicesNS/username/-/data/ui/visualizations?...

When not logged in, a successful response comes back from:
/splunkd/__raw/servicesNS/-/-/data/ui/visualizations?...

Seems that 7.0.2 is including the username in the request, when 6.5.2 did not.

Looking in source of the page that is returned when the embedding link is loaded into the iframe, the suspect difference seems to be that the call to /en-US/config now includes: crossorigin="use-credentials".

alt text

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...