Page 1 of 2
Kerberos Auth for URL monitoring
Posted: Thu Jan 27, 2022 10:51 am
by psroberts
We need to monitor a URL that requires authentication via kerberos before it is able to be redirected to the URL and render the html. This does not seem to work with check_http as it appears only basic auth is supported? Is there a plugin that supports Kerberos authentication?
Re: Kerberos Auth for URL monitoring
Posted: Fri Jan 28, 2022 10:27 am
by ssax
I'm investigating this and will post an update shortly.
Re: Kerberos Auth for URL monitoring
Posted: Fri Jan 28, 2022 11:11 am
by ssax
I know curl is supposed to be able to do it but it depends on the version of curl your XI system is running. I found some plugins but I'll need to get a little more information.
https://stackoverflow.com/questions/385 ... e-required
Please the output of these commands from the XI server:
Code: Select all
uname -a
cat /etc/*release
curl -V
Re: Kerberos Auth for URL monitoring
Posted: Tue Feb 01, 2022 11:08 am
by psroberts
[root@nagiossrv1 ~]# uname -a
Linux nagiossrv1.mitre.org 4.18.0-348.7.1.el8_5.x86_64 #1 SMP Wed Dec 8 21:51:17 EST 2021 x86_64 x86_64 x86_64 GNU/Linux
[root@nagiossrv1 ~]# cat /etc/*release
NAME="Red Hat Enterprise Linux"
VERSION="8.5 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.5"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.5 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
HOME_URL="
https://www.redhat.com/"
DOCUMENTATION_URL="
https://access.redhat.com/documentation ... e_linux/8/"
BUG_REPORT_URL="
https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.5
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.5"
Red Hat Enterprise Linux release 8.5 (Ootpa)
Red Hat Enterprise Linux release 8.5 (Ootpa)
[root@nagiossrv1 ~]# curl -V
curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.6 libidn2/2.2.0 libpsl/0.20.2 (+libidn2/2.2.0) libssh/0.9.4/openssl/zlib nghttp2/1.33.0
Release-Date: 2018-09-05
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz brotli TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
Re: Kerberos Auth for URL monitoring
Posted: Wed Feb 02, 2022 11:10 am
by ssax
Thanks, that helps that you're running something recent!
I'm investigating this and will post an update later today.
Re: Kerberos Auth for URL monitoring
Posted: Wed Feb 02, 2022 8:01 pm
by ssax
I'm having issues getting this to work but I'm getting closer to understanding the full requirements of it and getting it to work, I should have an answer in the next couple of days.
Re: Kerberos Auth for URL monitoring
Posted: Thu Feb 03, 2022 8:28 am
by psroberts
Thank you for the update and the help digging into a solution here!
Re: Kerberos Auth for URL monitoring
Posted: Thu Feb 03, 2022 7:41 pm
by ssax
Are you going to be authenticating via user/password or via machine account (without password)?
Re: Kerberos Auth for URL monitoring
Posted: Fri Feb 04, 2022 2:31 pm
by psroberts
It will be username and password
Re: Kerberos Auth for URL monitoring
Posted: Mon Feb 07, 2022 10:34 am
by ssax
Okay, thank you for the information, I'll let you know my findings.