Giters

NagVis / nagvis

Visualization addon for your open source monitoring core

Home Page:http://nagvis.org/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Cant configure nagvis authentication

AgentZoy opened this issue · comments

commented

Hi
I spent 5 hours but cant perform nagvis authentication with nangiosadmin user
OS Debian
Apache latest
php 7.4
Can someone say what I need to add to configs that I can authenticate with nagiosadmin user which stores credentials in /usr/local/nagios/etc/htpasswd.users
I tried all variants no one works
But authentication with nagiosadmin user to nagios is ok

commented

Nagvis version latest
Also cant login with admin admin user trying to use sqlite users.db
I changed password manually
UPDATE users SET password = 'hash' WHERE name = 'admin';
not sucessfull Error authentication failed

commented

The default did not seam to work here either. We are running nagios in conjunction with
an older check_mk over it. After some fiddling around it works for us.

Its possible you first have to logging to nagvis after creating it and create the user nagiosadmin with admin role.

In the nagvis.php.ini file we heve configured is like this:

;
logonmodule="LogonMixed"
;logonmodule="LogonEnv"
logonenvvar="REMOTE_USER"
logonenvcreateuser=1
;logonenvcreaterole="Guests"
;
commented

And nothink must be added to apache web site config?

commented

On centos one gets an extra file in /etc/http.d/somethingwithnagvis.

The nagvis installer normally takes care of that. After installattion apache/httpd should be restarted.

commented

I added to nagvis.ini.php
authmodule="CoreAuthModSQLite"
logonmodule="LogonMixed"
logonenvvar="REMOTE_USER"
logon_multisite_htpasswd="/usr/local/nagios/etc/htpasswd.users"
logonenvcreateuser="1"

I added to nano /etc/apache2/sites-available/nagvis.conf
AuthName "NagVis Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
Satisfy Any

Autorization doesnt work (((
What is wrong?

commented

You could try comment in nagvis.ini.php

is sqlite installed, its not needed if you use the nagios login?

; authmodule="CoreAuthModSQLite"
logonmodule="LogonMixed"
logonenvvar="REMOTE_USER"
; logon_multisite_htpasswd="/usr/local/nagios/etc/htpasswd.users"
; logonenvcreateuser="1"

Nagvis.conf on centos here, could differ on debian for apache, so google on it.

Alias /nagvis "/usr/local/nagvis/share"

<Directory "/usr/local/nagvis/share">
  Options FollowSymLinks
  AllowOverride None
  Order allow,deny
  Allow from all

  # To enable Nagios basic auth on NagVis use the following options
  # Just uncomment it. Maybe you need to adjust the path to the
  # Auth user file.
  #
  # If you use the NagVis internal auth mechanism based on the web
  # for you won't need this.
  #
  AuthName "NagVis Access"
  AuthType Basic
  AuthUserFile /usr/local/nagios/etc/htpasswd.users
  Require valid-user

  # With installed and enabled mod_rewrite there are several redirections
  # available to fix deprecated and/or wrong urls. None of those rules is
  # mandatory to get NagVis working.
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /nagvis

    # Use mod_rewrite for old url redirection even if there are php files which
    # redirect the queries itselfs. In some cases the mod_rewrite redirect
    # is better than the php redirect.
    #
    # Using the php redirect seems to be better in some cases where https/http servers
    # are mixed. For example in OMD setups where using apache own mode and https in the
    # frontend and http in the backend apache servers.
    #
    # Disabling this redirect by default in the hope that the php direct works better.
    #RewriteCond %{REQUEST_URI} ^/nagvis(/config\.php|/index\.php|/|)(\?.*|)$
    #RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/%1%2 [R=301,L]

    # Redirect old regular map links
    RewriteCond %{REQUEST_URI} ^/nagvis/frontend/(wui|nagvis-js)
    RewriteCond %{QUERY_STRING} map=(.*)
    RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Map&act=view&show=%1 [R=301,L]

    # Without map= param
    RewriteCond %{REQUEST_URI} ^/nagvis/frontend(/wui)?/?(index.php)?$
    RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php [R=301,L]

    # Redirect old rotation calls
    RewriteCond %{REQUEST_URI} ^/nagvis/frontend/nagvis-js
    RewriteCond %{QUERY_STRING} !mod
    RewriteCond %{QUERY_STRING} rotation=(.*)
    RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Rotation&act=view&show=%1 [R=301,L]
  </IfModule>
</Directory>
commented

Thanks now works
But I get error after login
You are not permitted to access this page (Overview/view/).

commented

Is there a nagiosadmin user in nagvis with admin rights?

commented

All issues fixed Was mistake in apache config Now all is ok

commented

Thanks

commented

Thank You and good luck.

commented

Thanks now works But I get error after login You are not permitted to access this page (Overview/view/).

Hello, how are you, how did you solve this error, I get the same thing, I've been trying for a while now.

nagvis.ini
logonmodule="LogonEnv"
logonenvvar="REMOTE_USER"
logonenvcreateuser="1"

nagvis.conf

Alias /nagvis "/opt/nagvis/share"

<Directory "/opt/nagvis/share">
Options FollowSymLinks
AllowOverride All
#Require all granted
Order allow,deny
Allow from all

AuthName "NagVis Access"
AuthType Basic
AuthUserFile /opt/nagios/etc/htpasswd.users
Require valid-user

RewriteEngine On RewriteBase /nagvis 
# Redirect old regular map links
RewriteCond %{REQUEST_URI} ^/nagvis/frontend/(wui|nagvis-js)
RewriteCond %{QUERY_STRING} map=(.*)
RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Map&act=view&show=%1 [R=301,L]

# Without map= param
RewriteCond %{REQUEST_URI} ^/nagvis/frontend(/wui)?/?(index.php)?$
RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php [R=301,L]

# Redirect old rotation calls
RewriteCond %{REQUEST_URI} ^/nagvis/frontend/nagvis-js
RewriteCond %{QUERY_STRING} !mod
RewriteCond %{QUERY_STRING} rotation=(.*)
RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Rotation&act=view&show=%1 [R=301,L]
#SetEnv REMOTE_USER user #RewriteRule /nagvis/ - [E=REMOTE_USER:nagiosadmin]

image

nagvis: 1.9.40
php: 8.1
almalinux 8.9

commented

Looks liky you are trying tu use login with the nagios users.

(Centos 7 / php 7.4 / apache 2.4)

nagvis.ini.php should be like:

logonmodule="LogonMixed"
;logonmodule="LogonEnv"
logonenvvar="REMOTE_USER"
logonenvcreateuser=1
;logonenvcreaterole="Guests"

/etc/httpd/conf.d/nagvis.conf

Alias /nagvis "/usr/local/nagvis/share"

<Directory "/usr/local/nagvis/share">
  Options FollowSymLinks
  AllowOverride None

   AuthName "NagVis Access"
   AuthType Basic
   AuthUserFile /usr/local/nagios/etc/htpasswd.users  (or where the file is located)
   Require valid-user

   <IfModule mod_rewrite.c>
     RewriteEngine On
     RewriteBase /nagvis

     RewriteCond %{REQUEST_URI} ^/nagvis/frontend/(wui|nagvis-js)
     RewriteCond %{QUERY_STRING} map=(.*)
     RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Map&act=view&show=%1 [R=301,L]

     # Without map= param
     RewriteCond %{REQUEST_URI} ^/nagvis/frontend(/wui)?/?(index.php)?$
     RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php [R=301,L]

     # Redirect old rotation calls
     RewriteCond %{REQUEST_URI} ^/nagvis/frontend/nagvis-js
     RewriteCond %{QUERY_STRING} !mod
     RewriteCond %{QUERY_STRING} rotation=(.*)
     RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Rotation&act=view&show=%1 [R=301,L]
   </IfModule>
</Directory>
commented

Thanks for what I see, I have to use nagvis-make-admin nagiosadmin to give it permissions