Hi there,
I've googled around, and don't have access yet to the "paid" forum as I'm still on the trial.
I'm trying to figure out how to secure the Respond URL in the email notification alerts that are sent out on a Critical host or service alert. Right now, I can click the URL and it sends me immediately to the host alert. I'd like to have it prompt the user to enter their Nagios credentials before proceeding.
Is there a way to enable this functionality?
Securing Response URL in Email Notifications
Re: Securing Response URL in Email Notifications
You can add the following line to the "/usr/local/nagiosxi/html/config.inc.php" file:
and restart apache:
This should force users to login in the response URL.
Code: Select all
$cfg['secure_response_url']=1;Code: Select all
service httpd restartBe sure to check out our Knowledgebase for helpful articles and solutions!
Re: Securing Response URL in Email Notifications
Thanks! I'll give it a shot in the morning.
Do you know offhand if this was available in a document anywhere? I searched for a bit and didn't find anything. I hate making forum posts if I could have avoided it.
Do you know offhand if this was available in a document anywhere? I searched for a bit and didn't find anything. I hate making forum posts if I could have avoided it.
Re: Securing Response URL in Email Notifications
I just made the change, and when I click the response URL I get the following:lmiltchev wrote:You can add the following line to the "/usr/local/nagiosxi/html/config.inc.php" file:
and restart apache:Code: Select all
$cfg['secure_response_url']=1;
This should force users to login in the response URL.Code: Select all
service httpd restart
Rapid Response URL's have been secured. this link is no longer valid.
What I was looking for is to have the response URL still work, but simply prompt for a username and password
Re: Securing Response URL in Email Notifications
It should work with the *new* respond URL links. I don't believe this has been documented. It is in the 2012R2.3 change log:
https://assets.nagios.com/downloads/nag ... S-2012.TXTAdd ability to secure notification %responseurl% by setting $cfg['secure_response_url']=1; in config.inc.php -SW
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Securing Response URL in Email Notifications
Not sure what you mean by "new" respond URL links. After making the change, I took a host down to force it to send an alert. I click the respond URL and it immediately took me into the page.lmiltchev wrote:It should work with the *new* respond URL links. I don't believe this has been documented. It is in the 2012R2.3 change log:
https://assets.nagios.com/downloads/nag ... S-2012.TXTAdd ability to secure notification %responseurl% by setting $cfg['secure_response_url']=1; in config.inc.php -SW
I tried this from multiple devices, ones that have never logged into Nagios before to eliminate it being a cached password or cookies issue.
You are right though, initially I clicked a link from an old host down alert. New links bring me into the acknowledge/host details etc page but do not prompt for user/pass.
Re: Securing Response URL in Email Notifications
Sorry, long day... I Added the code, but commented it out, haha.
So, to summarize, I now have alerts secured. I simulated a down host, received the alert and clicked the respond URL. It brought me right to the Nagios XI main login page. When I enter my credentials for 'nagiosadmin' it DOES log me in, however it shows the following:
Not Authorized
You are not authorized to view the requested object, or the object does not exist.
I can click around and browse hosts, and do everything with full admin rights. I assumed once I entered the nagiosadmin user and pass, it would bring me to the page that the respond URL would normally send you to.
Am I missing something here??
So, to summarize, I now have alerts secured. I simulated a down host, received the alert and clicked the respond URL. It brought me right to the Nagios XI main login page. When I enter my credentials for 'nagiosadmin' it DOES log me in, however it shows the following:
Not Authorized
You are not authorized to view the requested object, or the object does not exist.
I can click around and browse hosts, and do everything with full admin rights. I assumed once I entered the nagiosadmin user and pass, it would bring me to the page that the respond URL would normally send you to.
Am I missing something here??
Re: Securing Response URL in Email Notifications
Maybe this should have been asked earlier, but what XI version are you on?
Former Nagios employee
Re: Securing Response URL in Email Notifications
Can you check the /var/log/httpd/error_log file for any errors and post them here?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Securing Response URL in Email Notifications
XI version 2014R2.7
/var/log/httpd/error_log
I see that repeated a bunch of times, but nothing regarding respond URL. I generated a host down alert, click the respond link, logged in with my nagiosadmin credentials, and the same thing occurs.
/var/log/httpd/error_log
Code: Select all
[Mon Jun 22 16:19:50 2015] [error] [client ::1] PHP Notice: Undefined index: language in /usr/local/nagiosxi/html/includes/components/ccm/includes/common_functions.inc.php on line 710
[Mon Jun 22 16:19:50 2015] [error] [client ::1] PHP Notice: Undefined index: language in /usr/local/nagiosxi/html/includes/components/ccm/includes/common_functions.inc.php on line 711