Solved: insecure login for one app?

heterodyned · ‎11-13-2010

Hey Team,

I created a custom app to enable charting, and tried setting up an insecure login feature ( inorder to embed the charts in a webpage), for some reason it is throwing me a 403 forbidden. Our splunk server is configured with LDAP configuration, was just wondering if its possible to change the authentication mode for that particular APP alone? or am I going wrong somewhere? the embed string I am trying to use is

http://splunk:8000/en_US/account/insecurelogin?username=admin&password=changeme&return_to=/app/TEST/...

Thanks once again

- Raghu

southeringtonp · ‎11-13-2010

It's a system-wide feature. You can't enable/disable it on a per-app basis.

As a workaround, you can create a dedicated instance of Splunk, and enable insecure authentication there, and configure it to be a dedicated search head with just that app.

See also:
http://answers.splunk.com/questions/8093/application-without-authentication

View solution in original post

southeringtonp · ‎11-13-2010

It's a system-wide feature. You can't enable/disable it on a per-app basis.

As a workaround, you can create a dedicated instance of Splunk, and enable insecure authentication there, and configure it to be a dedicated search head with just that app.

See also:
http://answers.splunk.com/questions/8093/application-without-authentication

heterodyned · ‎11-25-2010

Thanks! I do have the enterprise license, now I shall create a separate distributed search instance! 🙂 ( by adding the forwarder license)

southeringtonp · ‎11-14-2010

Distributed search does require an enterprise license. You could probably get by with the free forwarder license on the search head, but it looks like you'd still need an Enterprise license for the indexer, so it wouldn't help much. See here for the comparison of licenses - http://www.splunk.com/base/Documentation/4.1.5/Installation/AboutSplunklicenses

heterodyned · ‎11-14-2010

Would that require an enterprise license? Our central server is on enterprise license, so basically this search head can query the indexed data right? Shouldnt require a separate license for the search head right? Pardon me for this silly question

southeringtonp · ‎11-14-2010

Yes - it would be a search head that performs no indexing. It would query the indexer via distributed search. Enabling insecure authentication would apply to all apps installed on that search head. However, a search head does not need to have every app installed. You can install just the app(s) that are needed to render your dashboard.

heterodyned · ‎11-14-2010

Infact while I set up the web.conf within the app, with insecure login, it seems to be permitting insecure login with other apps as well. So I am guessing that web.conf setup is also a system wide feature, I think this woould mean to setup a separate Distributed search head? which would have insecure login?

-
Raghu

heterodyned · ‎11-14-2010

Did i catch you wrong with dedicated instance? you mean like a dedicated indexer? wherein all forwarders send the data?

insecure login for one app?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!