Refine your search:

Splunk SSO with mod_auth_kerb

1

I'm trying to enable SSO by proxying from Apache w/ mod_auth_kerb. The problems seems to be the contents of Remote-User include the @REALM. Is there some way to strip the realm from Remote-User in Apache or configure Splunk to ignore it?

asked 23 Jul '10, 20:43

dmesler's gravatar image

dmesler
414
accept rate: 100%

2 Answers:
oldestnewestmost voted
0

Upgrading mod_auth_kerb wasn't an option. Fortunately I had success adding this:

RequestHeader edit REMOTE_USER "@REALM$" ""

Thanks though.

link

answered 26 Jul '10, 18:44

dmesler's gravatar image

dmesler
414
accept rate: 100%

1

mod_auth_kerb >= 5.4 allows you to configure KrbLocalUserMapping On in your Apache configuration which will strip the realm part off the remote user sent to Splunk.

link

answered 26 Jul '10, 08:14

ziegfried's gravatar image

ziegfried ♦
7.1k1315
accept rate: 53%

Post your answer
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×37
×33

Asked: 23 Jul '10, 20:43

Seen: 1,165 times

Last updated: 26 Jul '10, 18:44

Related questions

SSO with Apache - Splunk detecting browser IP instead of Apache IP

Splunk SSO with Apache/PHP

No parent module with ViewRedirector when using SSO and Apache RP

SSO for Splunk Web

SSO not functioning. Does hostname matter?

True SSO: Bypass login page with Centrify Active Directory Integration for Splunk?

Splunk doesn't link SSO/HTTP Header ID to Splunk ID

SSO works with anything but REMOTE_USER

4.2 SSO removes "Logout" button

Copyright © 2005-2012 Splunk, Inc. All rights reserved.