I configured the Apache server to provide SSO and reverse proxy for our Splunk installation according to the configuration below. SSO works just like a reverse proxy that hides the Splunk instance running on port 8000 at the / splunk URL.
ProxyPass /splunk http://localhost:8000/splunk ProxyPassReverse /splunk http://localhost:8000/splunk <Location /splunk > # Kerberos Authentication AuthType Kerberos AuthName "Kerberos Login" KrbAuthRealms MYDOMAIN.COM Krb5KeyTab /etc/krb5.http.keytab KrbMethodNegotiate on KrbAuthoritative on KrbMethodK5Passwd off KrbLocalUserMapping on KrbSaveCredentials on require valid-user # SSO RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (.+)$ RewriteRule . - [E=RU:%1] RequestHeader set REMOTE_USER %{RU}e </Location>
The problem is in Apache logs. I get LOT of the following error messages.
[client xxxx] Request exceeded the limit of 10 subrequest nesting levels due to probable confguration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: http://splunk.mydomain.com/splunk/en-GB/debug/sso
I am not sure if this problem is related to Splunk or not. Has anyone else seen this and how can I fix the problem?
source share