Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Nagios Core 4 no password request for GUI

https://support.nagios.com/forum/viewtopic.php?t=56970

Page 1 of 1

Nagios Core 4 no password request for GUI

Posted: Thu Jan 02, 2020 7:25 pm
by ste.giraldo
Hi, I'm using Nagios Core 4.3.4 on a Debian 10 with Apache/2.4.38.
I'm trying to set a login username and password for the web GUI, but despite my configs, the GUI is still visible without authentication. Following what I set:

In /etc/nagios4/cgi.cfg: use_authentication=1
In /etc/nagios4/apache2.conf:
Alias /nagios4 /usr/share/nagios4/htdocs
<Files "cmd.cgi">
AuthDigestDomain "Nagios4"
AuthDigestProvider file
AuthUserFile "/usr/share/nagios4/htdocs/.htpasswd"
AuthGroupFile "/etc/group"
AuthName "Nagios4 Access"
# AuthType Digest
AuthType Basic
# Require all granted
Require valid-user
</Files>
Tried also with "AuthType Digest": nothing change.

# cat /usr/share/nagios4/htdocs/.htpasswd
nagiosadmin:some_enc_passwd

The GUI show me "Logged in as nagiosadmin", despite I didn't logged in at any popup request.

Any ideas of what's wrong?

Thanks, Stefano.

Re: Nagios Core 4 no password request for GUI

Posted: Fri Jan 03, 2020 12:17 pm
by mbellerue
Were you using this installation guide?
https://support.nagios.com/kb/article/n ... tml#Ubuntu

With a directory of /etc/nagios4, it looks like you may have installed via the package manager.

Re: Nagios Core 4 no password request for GUI

Posted: Fri Jan 03, 2020 12:45 pm
by ste.giraldo
Hi, yes I read that guide and yes, I've installed nagios4 via apt. Does the installation via apt miss some needed package for the web authentication?

Thanks, Stefano.

Re: Nagios Core 4 no password request for GUI

Posted: Fri Jan 03, 2020 1:20 pm
by mbellerue
The apt package must have some other setting for authentication. We don't manage that package, so it's kind of a mystery to us. Here's what the Apache configuration looks like after running through our install doc. You'll need to change any directories to make sure that they line up with what actually exists on your system, but hopefully this will help you get Apache configured.

/etc/apache2/sites-enabled/nagios.conf

Code: Select all

# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
#
# This file contains examples of entries that need
# to be incorporated into your Apache web server
# configuration file.  Customize the paths, etc. as
# needed to fit your system.

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   <IfVersion >= 2.3>
      <RequireAll>
         Require all granted
#        Require host 127.0.0.1

         AuthName "Nagios Access"
         AuthType Basic
         AuthUserFile /usr/local/nagios/etc/htpasswd.users
         Require valid-user
      </RequireAll>
   </IfVersion>
   <IfVersion < 2.3>
      Order allow,deny
      Allow from all
#     Order deny,allow
#     Deny from all
#     Allow from 127.0.0.1

      AuthName "Nagios Access"
      AuthType Basic
      AuthUserFile /usr/local/nagios/etc/htpasswd.users
      Require valid-user
   </IfVersion>
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options None
   AllowOverride None
   <IfVersion >= 2.3>
      <RequireAll>
         Require all granted
#        Require host 127.0.0.1

         AuthName "Nagios Access"
         AuthType Basic
         AuthUserFile /usr/local/nagios/etc/htpasswd.users
         Require valid-user
      </RequireAll>
   </IfVersion>
   <IfVersion < 2.3>
      Order allow,deny
      Allow from all
#     Order deny,allow
#     Deny from all
#     Allow from 127.0.0.1

      AuthName "Nagios Access"
      AuthType Basic
      AuthUserFile /usr/local/nagios/etc/htpasswd.users
      Require valid-user
   </IfVersion>
</Directory>
And don't forget to restart Apache so the changes get picked up.

Re: Nagios Core 4 no password request for GUI

Posted: Fri Jan 03, 2020 7:28 pm
by ste.giraldo
Got it!
The problem was generated by this entry:

Code: Select all

<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
    Options FollowSymLinks
    DirectoryIndex index.php index.html
    AllowOverride AuthConfig
    Require ip  ::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16
    <Files "cmd.cgi">
        AuthDigestDomain "Nagios4"
        AuthDigestProvider file
        AuthUserFile "/usr/share/nagios4/htdocs/.htpasswd"
        AuthGroupFile   "/etc/group"
        AuthName        "Nagios4 Access"
#       AuthType        Digest
        AuthType        Basic
        Require all     granted
    </Files>
</DirectoryMatch>
so I removed /usr/share/nagios4/htdocs from "DirectoryMatch" and rewrote as:

Code: Select all

<Directory /usr/share/nagios4/htdocs>
    Options     +ExecCGI
    #  SSLRequireSSL
       Options None
       AllowOverride None
          <RequireAll>
             Require all granted
    #        Require host 127.0.0.1

             AuthName "Nagios Access"
             AuthType Basic
             AuthUserFile /usr/share/nagios4/htdocs/.htpasswd
             Require valid-user
          </RequireAll>
</Directory>
Now it request user and pass as expected.

Thanks for your help, you can close this topic.

Re: Nagios Core 4 no password request for GUI

Posted: Mon Jan 06, 2020 11:59 am
by mbellerue
Awesome! Thank you for posting the solution back here! Closing thread.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited