is there a way to pass contact username thru url to status.cgi for authentication?

[Gavin Carr]

Hi Steve,

I don't think you can do this at the nagios level, because nagios just
uses standard webserver authentication, deferring to apache (or whatever).

So what you need to figure out is a way to hook your credentials into some 
apache (if that's what you're using?) authentication module. If you're 
really just wanting the nagios webserver to trust your 'contact' parameter
and use that (which obviously is *completely* insecure/hackable etc.), you
should just be able to write a trivial apache module in C or perl to do
just that.

Or you pass the password as well, and actually authenticate each time (i.e.
basic authentication, but without the popup). Or you look at a ticket-based 
SSO-type approach (like my mod_auth_tkt, or mod_auth_cas, or similar). Any
of these work fine with nagios.

Cheers,
Gavin


On Thu, Oct 07, 2010 at 04:48:22PM +1100, Steve Kemp wrote:
> Im looking for a way to allow remote access to Nagios based on specific
> clients (contacts) in Nagios without using http authentication
> 
> The remote access is being displayed in another site using <object> tags
> 
> I don't however want them to have access to any data not relating to their
> specific servers.
> 
> So for example:
> 
> http://www.domain.com/nagios/cgi-bin/status.cgi?host=server1.clientsdomain.c
> om.au
> <http://www.domain.com/nagios/cgi-bin/status.cgi?host=server1.clientsdomain.
> com.au&style=detail> &style=detail is what I would like to load but the cgis
> can only show the data relating to the contacts servers.
> 
> In Firefox and Chrome I can pass authentication thru the browser via
> http://user:pass@ but this isn't allowed in IE, and isn't ideal or secure
> anyway.
> 
> Is there a way to pass the contact variable thru to the browser ie
> http://www.domain.com/nagios/cgi-bin/status.cgi?host=server1.clientsdomain.c
> om.au
> <http://www.domain.com/nagios/cgi-bin/status.cgi?host=server1.clientsdomain.
> com.au&style=detail&contact=xyz> &style=detail&contact=xyz so that while the
> user isn't given a popup login box they are still restricted to only seeing
> data relating to their server or servers


------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1,  ECMAScript5, and DOM L2 & L3.
Spend less time writing and  rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null