Hello, we use an OMD-based system with naemon and thruk for our
monitoring and are trying to implement a two level access model:
- anonymous access to status information (read-only)
- cookie-based access for the rest.
This means that apache and thruk must interact to allow access to
certain URLs with a default username while requiring cookie auth for
orther URLs.
The Thruk part of this is easy and solved, we set a "default_user_name"
and limited access and permissions of that user, this works nicely.
But then all the interface is limited and we cannot use a different
username.
Now we are trying to configure apache to pass this username to thruk,
but only for certain URL's, i.e. status.cgi.
In other cases, suggestions were to make a link to the directory with
the CGI's and use the different URLs to distinguish the two cases in the
apache configuration.
This seems to be difficult with thruk, as the URL's are not directories
and how do you make a link to a location ?? We tried setting an alias
but this did not help.
Another approach could be to allow only this URL without auth by a
combination of location and file directives; however there we seem to
get stuck in the rewrite rules used for the cookie based auth. It seems
that even if the user is passed the rewrite rule changes the status.cgi
to the login page.
Has anybody gotten a working solution for such a setup? Are we doing
something wrong?
Regards, Jakob Curdes
_______________________________________________
omd-users mailing list
omd-users@lists.mathias-kettner.de
http://lists.mathias-kettner.de/mailman/listinfo/omd-users
