Splunkweb SSO – SAMLv2

SAMLv2 becoming the de facto standard for achieving the Single Sign On (SSO) across the disparate business systems. Splunkweb SSO solution relies on the proxy layer of the front end web container. Recently I have invested some time on how one can accomplish Splunkweb SSO by leveraging the identity contained in a SAMLv2 assertion. In this article I am going to give a run down of how to perform Splunkweb SSO by authenticating to a SAMLv2 compliant identity provider(IdP). I assume the reader is familiar with the federated identity terminologies, such a IdP,Service Provider(SP), Circle of Trust(CoT) etc.,

» Continue reading

SSO Story : Splunkweb and OpenAM/OpenSSO

1.0 Background

To integrate the Splunkweb in to a SSO environment, there are multiple options that customers could employ. One such method I have outlined in my earlier post. While using proxy based solution you have to instruct the proxy to perform the authentication by specifically configuring to the identity repository. It is also possible to have the proxy act like a simple proxy with out doing any authentication or authorization instead it will simply delegate the authentication to other systems including an identity and access management(IAM) system. OpenSSO/OpenAM is one such IAM system derived from Sun Access Manager product. In this article I am going to explain how Splunkweb can be  integrated in to an enterprise whose authentication is managed …

» Continue reading

Splunk and Active Directory Nested Groups for Authorization

Splunk 4.3 introduced multiple features and enhancements to improve Authentication and Authorization feature. Including multiple LDAP authentication strategies,dynamic groups,nested group support and per strategy configuration parameter such as enabling LDAP referrals. In this article I am planning to cover how Splunk can ben configured to authorize identities from Microsoft Active Directory defined nested groups.

» Continue reading