Splunk Dev

Splunk behind proxy - returning wrong context path with 303

splunkears
Path Finder

Hello:

My instance is running behind a proxy with root end point as - say /mysplunkapp
The configurations are done in web.conf file correctly to reflect the root context path to /mysplunkapp

The problem is while login into splunk. From the firebug, we see that there is 303 - "See Other" firing up.
With this, the context path is lost and the proxy web server is not able to understand where to redirect the request to.
Hence, users getting lost ( redirected to some other page on the proxy) . This happens, on and off. Specifically, for sure for the first time login into Splunk.

I looked into the Splunk python code. But, could not locate where the login is handled. Though I see login.html where FORM based auth is taken care.. I could not see the real issue in the code. I suspect its around redirect and return_to variable.

In simple terms, whats expected is, after login into Splunk, the response should have the path as "/mysplunkapp"
but, what is redirected is just root "/".
Hence proxy is not able to understand where to redirect to?

Any idea how to address this?

thanks..

0 Karma
1 Solution

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

View solution in original post

splunkears
Path Finder

Debugged this extensively. Finally, I did a hack. Hardcoded my root context path /mysplunkapp in the file account.py:login(..) method

This works for me.

File affected:
../lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/account.py

@expose_page(must_login=False, methods=['GET','POST'], verify_session=False)
@lock_session
@set_cache_level('never')
def login(self, username=None, password=None, return_to=None, cval=None, **kwargs):

    #FIX  (1) line below 
    return_to = '/mysplunkapp/en-US/'    <<===

    # Force a refresh of startup info so that we know to
    # redirect if license stuff has expired.
    startup.initVersionInfo(force=True)

    updateCheckerBaseURL = self.getUpdateCheckerBaseURL()

ps: Replace hardcoded value with cherrypy.config.get('root.endpoint') , if you didn't like hardcoding.

Get Updates on the Splunk Community!

Federated Search for Amazon S3 | Key Use Cases to Streamline Compliance Workflows

Modern business operations are supported by data compliance. As regulations evolve, organizations must ...

New Dates, New City: Save the Date for .conf25!

Wake up, babe! New .conf25 dates AND location just dropped!! That's right, this year, .conf25 is taking place ...

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...