Disabling Host Commands CGI for a user

[Mick]

On Tuesday 18 September 2007, Marc Powell wrote:

> I presumed that you already had basic authentication set up. If you do,
> it shouldn't ask for one at all. The user should already be
> authenticated to view host/service status information. Apache just
> checks to see if the authenticated user is a member of the admin group
> and denies the request if not.

I just tried this out.  I have basic authentication set up for all users.  If 
the user is in the AuthGroupFile then there is no additional request for 
authentication when s/he clicks on the Host Commands.  If the user is not in 
the AuthGroupFile then there is a request for authentication, just as 
expected.  However, thereafter the user is deemed unauthenticated and 
clicking on any other page or back on the browser requires to enter the 
username and passwd again.  Not sure if this will confuse your average user, 
but it will do for now.  Of course, when version 3.0 comes out Ton's solution 
will do this more elegantly.

Thank you both for your help!  :)
-- 
Regards,
Mick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <https://www.monitoring-lists.org/archive/users/attachments/20070919/7f13b884/attachment.sig>
-------------- next part --------------
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null