We currently have a proxy set up with an SSO user as deteiled here: http://docs.splunk.com/Documentation/Splunk/latest/Admin/Usesinglesign-onwithSplunk
Some of our application teams use a proxy with SSO to display Splunk dashboards in an iframe on some of their sites. Prior to the 4.3 upgrade, the proxy worked as expected and all elements were displayed. Post upgrade, no search data is displayed but the static content displays properly. Accessing the dashboard without the proxy works fine.
I've looked over the changelog for 4.3 and couldn't find any related changes or issues. The SSO debug page isn't showing errors and I've tried reverting the charts on one of my dashboards to flash to no avail. Can anyone help me out?
Can't find anything offhand, but the following might tangentially apply to SSO (from the known issues):
For what it's worth, our SSO install appeared to survive the 4.2.5->4.3.1 upgrade unscathed.
answered 07 Mar '12, 09:03
assuming this upgrade was from 4.2.x to 4.3.1 (and not 4.3 to 4.3.1) the only thing i can think of offhand that might be impacting you in this situation is this:
answered 07 Mar '12, 11:52
In 4.2 the default out of the box SSOMode was permissive
If you add
answered 24 Jul '12, 13:36
I know this is not the right way to fix this but with tomorrow as my deadline this works until I find a cleaner way.
I set this up today from a clean Splunk 4.3.1 (build 119532) and ran into a similar issue. After some web searching I found this page but no joy. I then grepped the install tree to find the string "have a matching splunk account with the same username" (a generalized excerpt from the error I received in web_service.log) which ended up in the below file:
It seems at first blush there is a constant (
and it fixed my issue.
Hopefully this helps you. I will submit a bug report or patch once I figure that out.
answered 26 Apr '12, 13:49