Hi,
We run a Nagios Core server, which is located on the public internet. Read-access is allowed by all due to the nature of our efforts (Open Community Wireless Network), yet write access has to be restricted to login-based access (spam et al.).
I could not found something pretty online, so I created something new, using apache modules mod_auth_form, mod_session_crypto and mod_session_hack:
Code over here: http://svn.wirelessleiden.nl/svn/code/mod_session_hack/
I still feel that it could be cleaner without the 'hacky' module et al, comments welcome if somebody fixed it alternatively.
Nagios User Form Based Authentication
-
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Nagios User Form Based Authentication
First off, thanks so much for sharing the code!
As for your thoughts on it being hacky, it may not be exactly what you want, but a log-in page was added in 4.3.0: https://github.com/NagiosEnterprises/na ... /Changelog. At the very least, looking at that code may give you some ideas for a cleaner implementation.
If you would like to see specific features in our implementation of auth, I highly encourage you to file a feature request at https://github.com/NagiosEnterprises/nagioscore/issues (and of course if you find bugs, bug reports...even though they both fall under "Issues").
As for your thoughts on it being hacky, it may not be exactly what you want, but a log-in page was added in 4.3.0: https://github.com/NagiosEnterprises/na ... /Changelog. At the very least, looking at that code may give you some ideas for a cleaner implementation.
If you would like to see specific features in our implementation of auth, I highly encourage you to file a feature request at https://github.com/NagiosEnterprises/nagioscore/issues (and of course if you find bugs, bug reports...even though they both fall under "Issues").
-
- Posts: 2
- Joined: Wed May 03, 2017 2:59 pm
Re: Nagios User Form Based Authentication
Seems to have lived one minor revision, as 4.3.1 does not have the code anymore, as the commit was reverted (reason unknown) https://github.com/NagiosEnterprises/na ... 0120ddecb4 it looks roughly the same indeed, without the hacky stuff, I feel inspired for some more codingdwhitfield wrote:First off, thanks so much for sharing the code!
As for your thoughts on it being hacky, it may not be exactly what you want, but a log-in page was added in 4.3.0: https://github.com/NagiosEnterprises/na ... /Changelog. At the very least, looking at that code may give you some ideas for a cleaner implementation.
Thanks, I normally try to file feature request attached with patch to implement it. I can see if I can come up with something 'session management-ish inside the nagios cgi framework', since we also like it to work for the non-apache world .dwhitfield wrote: If you would like to see specific features in our implementation of auth, I highly encourage you to file a feature request at https://github.com/NagiosEnterprises/nagioscore/issues (and of course if you find bugs, bug reports...even though they both fall under "Issues").
-
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Nagios User Form Based Authentication
Long-story-short, it caused all sorts of problems for people. You can see that 4.3.0 and 4.3.1 came out two days apart: https://github.com/NagiosEnterprises/na ... /Changelogrickvanderzwet wrote: Seems to have lived one minor revision, as 4.3.1 does not have the code anymore, as the commit was reverted (reason unknown) https://github.com/NagiosEnterprises/na ... 0120ddecb4 it looks roughly the same indeed, without the hacky stuff, I feel inspired for some more coding
I hate to leave it vague with "problems" but I don't know that it's fair to sum it up with "Turns out, many people don't know how to configure Apache." That's certainly part of the issue, but last I heard the idea was to implement with something easier for new users to turn off and on. I don't know when that might be. As far as I'm aware, 4.3.2, 4.4, and 5.0.0 are all currently in the works. I kinda suspect it might wait until 5.0.0 since it's a big number change so people will expect big number changes. I doubt it will be 4.3.2, but I can't say anything definite.
Not necessary. You can always file the feature request and produce the code later. The thing about waiting is if the main devs aren't thinking about your feature request they might build something that makes it harder for your feature. Plus, maybe they'll have an idea for implementing it quickly, which will free you up for other things, and other people get the feature quicker. Everybody wins.Thanks, I normally try to file feature request attached with patch to implement it