[dev.icinga.com #1007] Creating new "http-basic" user: password shall not be required #253
Comments
Updated by grue on 2010-11-18 10:49:11 +00:00 tgelf wrote:
i have configured ldap auth and password shall not be required. i can also type in was i want and i can login to icinga-web |
Updated by grue on 2010-11-18 15:30:42 +00:00 Solution: search in auth.xml file and changes settings to: <ae:parameter name="auth_key"> Clear cache and test it again. The provider "auth_key" return always true for login... |
Updated by eragonio on 2010-11-20 09:11:33 +00:00 grue wrote:
But then you cant use Icinga Mobile. |
Updated by tgelf on 2010-11-20 19:21:23 +00:00 Passwordless login and Icinga Mobile are of course pretty interesting, but have nothing to do with my initial question. I haven't been talking about the login form itself, but about the form field "password" (to be entered twice) but about the steps you have to do when you want to configure user permissions prior their first login. I also talked just about users already authenticated by your Web Server (LDAP, Kerberos, whatever), they will not be authenticated (but autorized) by Icinga-Web. Users are automagically created in Icinga-Web's DB after your first login, but often that's not what you want. Several times I have been asked to configure Icinga-Web in a way that authentication information is provided externally (e.g.: Kerberos ticket), but to only allow login for specific users and to also limit them to be able to access only very few specific Hostgroups. For being able to do so, you have to prepare those external users in Icinga-Web, choosing a specific type. In my initial bug report I have chosen "http-basic" as an example. And that's the step this bug report is related to: it doesn't absolutely make sense to make the password fields compulsory in this case. They should either vanish once such a backend is chosen - or at least become optional in that case. |
Updated by jmosshammer on 2011-09-26 15:44:30 +00:00
Is this still current? |
Updated by jmosshammer on 2011-09-27 11:16:21 +00:00
|
Updated by tgelf on 2011-09-27 11:25:27 +00:00
As shown in the attached screenshot this is still true for 1.5.x |
Updated by mhein on 2011-09-27 13:09:25 +00:00
|
Updated by jmosshammer on 2011-09-27 14:37:50 +00:00
fixed in my branch |
Updated by mfriedrich on 2011-12-03 11:28:24 +00:00
|
This issue has been migrated from Redmine: https://dev.icinga.com/issues/1007
Created by tgelf on 2010-11-15 15:08:41 +00:00
Assignee: jmosshammer
Status: Closed (closed on 2011-09-27 14:37:50 +00:00)
Target Version: 1.6
Last Update: 2011-12-03 11:30:09 +00:00 (in Redmine)
Usually admins want to prepare user permissions (hostgroup filters ecc) before their initial login. To do so, you just have to create a "http-basic" user. However, in that case the password field should no longer be compulsory.
Attachments
The text was updated successfully, but these errors were encountered: