Help with insecure login / backend ticket authentication.

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
yo_marc
Posts: 83
Joined: Thu Aug 11, 2016 1:56 pm

Help with insecure login / backend ticket authentication.

Post by yo_marc »

Hello Nagios Support,

Some colleagues of mine are working to integrate OpsGenie with Nagios XI. The XI integration for OpsGenie is written to use the old backend-ticket authentication to perform actions on the Nagios XI server. We're having trouble with this... A couple of examples:

1. Starting at a low level - This example URL works in a web browser, but not when run through a script or simply by curl on the command line:

https://<nagios_server>/nagiosxi/index.php?username=<username>&ticket=<insecure login ticket>

When run in curl or through a script, we always get the message, "Your session has timed out".

2. Going deeper -- OpsGenie integration is trying to execute a command like this in a script:

https://<nagios_server>/nagiosxi/includes/components/nagioscore/ui/trends.php?createimage&host=<hostname>&username=<username>&ticket=<insecure login ticket>

This only works in a web browser - and only if we are logged into Nagios XI (as any user). It will not work if we are not logged in, and will not work on command line. Failures result in the same "Your session has timed out" message.

Are these conditions by chance a bug? Or is it something more likely like browser session cookies not being handed off correctly?

Is there anything we can do to work around these issues?

Thanks,
-marc
Top
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Help with insecure login / backend ticket authentication

Post by ssax »

This is because we are no longer updating the old backend component because it has been deprecated for a while now (See Admin > Manage Components > Backend API URL) and the auth system has changed, OpsGenie will need to update their utility to use the new API or utilize auth tokens.

The only way to get it to work would be use to utilize auth tokens:

Code: Select all

http:/YOURXISERVER//nagiosxi/help/auth-token-reference.php
For example:

Code: Select all

curl -XPOST -k -L 'http://YOURXISERVER/nagiosxi/api/v1/authenticate?pretty=1' -d 'username=nagiosadmin&password=YOURPASS&valid_min=5'
curl -k -L 'http://YOURXISERVER/nagiosxi/includes/components/nagioscore/ui/trends.php?createimage&host=localhost&token=TOKEN' > image.png
Top
yo_marc
Posts: 83
Joined: Thu Aug 11, 2016 1:56 pm

Re: Help with insecure login / backend ticket authentication

Post by yo_marc »

Thank you!!
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: Help with insecure login / backend ticket authentication

Post by scottwilkerson »

yo_marc wrote:Thank you!!
No problem.

May we lock the thread?
Former Nagios employee
Creator:
ahumandesign.com
Get Your Chart
Top
yo_marc
Posts: 83
Joined: Thu Aug 11, 2016 1:56 pm

Re: Help with insecure login / backend ticket authentication

Post by yo_marc »

Certainly - Thanks for checking.
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: Help with insecure login / backend ticket authentication

Post by scottwilkerson »

yo_marc wrote:Certainly - Thanks for checking.
Great!

Locking thread
Former Nagios employee
Creator:
ahumandesign.com
Get Your Chart
Top
Locked

Return to “Nagios XI”