Refine your search:

insecure login for one app?

0

Hey Team,

I created a custom app to enable charting, and tried setting up an insecure login feature ( inorder to embed the charts in a webpage), for some reason it is throwing me a 403 forbidden. Our splunk server is configured with LDAP configuration, was just wondering if its possible to change the authentication mode for that particular APP alone? or am I going wrong somewhere? the embed string I am trying to use is

http://splunk:8000/en_US/account/insecurelogin?username=admin&password=changeme&return_to=/app/TEST/sample_dashboard

Thanks once again

- Raghu

asked 13 Nov '10, 13:59

heterodyned's gravatar image

heterodyned
833118
accept rate: 14%

One Answer:
oldestnewestmost voted
1

It's a system-wide feature. You can't enable/disable it on a per-app basis.

As a workaround, you can create a dedicated instance of Splunk, and enable insecure authentication there, and configure it to be a dedicated search head with just that app.

See also:
     http://answers.splunk.com/questions/8093/application-without-authentication

link

answered 13 Nov '10, 15:47

southeringtonp's gravatar image

southeringtonp ♦
4.9k2524
accept rate: 35%

Did i catch you wrong with dedicated instance? you mean like a dedicated indexer? wherein all forwarders send the data?

(14 Nov '10, 04:44) heterodyned

Infact while I set up the web.conf within the app, with insecure login, it seems to be permitting insecure login with other apps as well. So I am guessing that web.conf setup is also a system wide feature, I think this woould mean to setup a separate Distributed search head? which would have insecure login?

- Raghu

(14 Nov '10, 12:18) heterodyned

Yes - it would be a search head that performs no indexing. It would query the indexer via distributed search. Enabling insecure authentication would apply to all apps installed on that search head. However, a search head does not need to have every app installed. You can install just the app(s) that are needed to render your dashboard.

(14 Nov '10, 15:10) southeringtonp ♦

Would that require an enterprise license? Our central server is on enterprise license, so basically this search head can query the indexed data right? Shouldnt require a separate license for the search head right? Pardon me for this silly question

(14 Nov '10, 15:28) heterodyned

Distributed search does require an enterprise license. You could probably get by with the free forwarder license on the search head, but it looks like you'd still need an Enterprise license for the indexer, so it wouldn't help much. See here for the comparison of licenses - http://www.splunk.com/base/Documentation/4.1.5/Installation/AboutSplunklicenses

(14 Nov '10, 18:20) southeringtonp ♦

Thanks! I do have the enterprise license, now I shall create a separate distributed search instance! :) ( by adding the forwarder license)

(25 Nov '10, 07:29) heterodyned
Post your answer
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×92

Asked: 13 Nov '10, 13:59

Seen: 1,352 times

Last updated: 13 Nov '10, 15:47

Related questions

insecure login Splunk not working with IE

web.conf and login choices.

How do i customise my login screen.

Change Password for default admin user

Custom login page message for splunk 4.1.3

How do I login for the first time?

Don't know how to login to Splunk for the first time

Internet Explorer Login Fails

Copyright © 2005-2012 Splunk Inc. All rights reserved.