Splunk Search

SSO login banner when using a CAC


I've been able to configure SSO for CAC via Apache proxy and everything works fine. I'm trying to figure out how to display a login banner like if you were to use username and password on the default Splunk login page where the user has to "accept" or at least be prompted fr some tpe of input before the user is allowed into Splunk. Has anyone been able to get this configured or point me in the right direction? Google searches didn't really help a lot. Thanks in advance.

Tags (1)
0 Karma

Loves-to-Learn Everything

Good morning.


Is it possible to get a copy of how you were able to configure SSO for CAC via Apache proxy? I am trying to get this done and have been trying for the past 4 days with no success.



0 Karma


We use Apache as a proxy for SSO and have the following in our SSL conf file to force users to a warning cookie before they are able to access Splunk:

RewriteEngine on
RewriteCond %{HTTP_COOKIE} !accepted_warning=true [NC]
RewriteRule ^/(de-DE|en-US|en-GB|it-IT|ja-JP|ko-KO|zh-CN|zh-TW)/.*$ warning/ [NC,L,R=302]
ProxyPass "/warning" "!"
ProxyPass "/" "https://localhost:8001/"
ProxyPassReverse "/" "https://localhost:8001/"

Inside that /warning directory are an HTML page plus supporting JavaScript and CSS files. The gist of these is to present the required warning page and the JavaScript to set a cookie when the user clicks to accept. Once the user's browser has the cookie, the session will not be sent back to the warning page again until the user clears cookies or until something else clears the cookies/ends the session (e.g. when the browser is restarted).

0 Karma


Is it possible to see the source for these files?

0 Karma
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!


Or Learn More in Our Blog >>