CGI Authentication

Volker.Aust at premiere.de Volker.Aust at premiere.de
Fri Aug 30 11:39:03 CEST 2002


Hi Rob,

> -----Original Message-----
> From: Gizmo [mailto:gizmo at thegremlins.net]
> Sent: Friday, August 30, 2002 11:02 AM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] CGI Authentication
> 
> 
> Hi guys,
> 
> I have disabled the CGI Authentication of my Nagios because I 
> have protected my webserver on IP based authtentication, but 
> when I want to schedule a downtime I get this message:
> 
> ---------------------------------------------------------
> Sorry Dave, I can't let you do that...
> 
> 
> It seems that you have chosen to not use the authentication 
> functionality of the CGIs.
> 
> I don't want to be personally responsible for what may happen 
> as a result of allowing unauthorized users to issue commands 
> to Nagios,so you'll have to disable this safeguard if you are 
> really stubborn and want to invite trouble.
> 
> Read the section on CGI authentication in the HTML 
> documentation to learn how you can enable authentication and 
> why you should want to. 
> -----------------------------------------------
> 
> well since I'm really stubborn, I want to dissable this 
> safeguard, but I have no clue how to do that.
> Can anyone help me out with that?
> 
> thanks in advance
> 
> Rob van de Camp
> 
> The Netherlands
> 

<docs>

Authentication On Secured Web Servers

If your web server is located in a secure domain (i.e., behind a firewall)
or if you are using SSL, you can define a default username that can be used
to access the CGIs. This is done by defining the default_user_name option in
the CGI configuration file. By defining a default username that can access
the CGIs, you can allow users to access the CGIs without necessarily having
to authenticate to the web server.. You may want to use this to avoid having
to use basic web authentication, as basic authentication transmits passwords
in clear text over the Internet.

Important: Do not define a default username unless you are running a secure
web server and are sure that everyone who has access to the CGIs has been
authenticated in some manner! If you define this variable, anyone who has
not authenticated to the web server will inherit all rights you assign to
this user!

</docs>

<docs>

Global Service Command Access

Format:
authorized_for_all_service_commands=<user1>,<user2>,<user3>,...<usern>
Example: authorized_for_all_service_commands=nagiosadmin

This is a comma-delimited list of names of authenticated users who can issue
commands for all services via the command CGI. Users in this list are not
automatically authorized to issue commands for all hosts. Users in this list
are not automatically authorized to view status or configuration information
for all hosts. If you want users able to view status and configuration
information for all services as well, you must add them to the
authorized_for_all_services variable. More information on how to setup
authentication and configure authorization for the CGIs can be found here. 

</docs>

Hope this helps

-vol


-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390




More information about the Users mailing list