I am working on SAML2 auth with some of our management servers. Our IDP is PingIdentify. Everything works fine except:
Our SAML configuration is populated via a PingIdentity provided "metadata.xml" file The entityID field in the XML file is populate as follows:
entityID="saml20.int.company.com"
authentication.conf has the following entry
issuerId = saml20.int.company.com
The problem is, when Splunk is restarted is complains about this entry with the following error:
_______________________________________________________________________
Checking conf files for problems...
Invalid key in stanza [saml] in /global/apps/splunk/splunk/etc/system/local/authentication.conf, line 101: issuerId (value: saml20).
Your indexes and inputs configurations are not internally consistent. For more information, run 'splunk btool check --debug'
_______________________________________________________________________
Even with the error, everything works fine. The error though is driving our ticketing system crazy (and operations support). I have tried removing the entry, and other tweaks to this line, but then SAML no longer works. I submitted a case to Splunk support, but they were unable to tell me why this error??
↧