Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-15078

API "Frontend Access Disabled" w/LDAP Issue

    Details

    • Type: Problem report
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 4.0.1rc2, 4.0.1, 4.0 (plan)
    • Fix Version/s: 4.0.3rc1, 4.2.0alpha2, 4.2 (plan)
    • Component/s: API (A)
    • Labels:
      None
    • Team:
      Team D
    • Sprint:
      Sprint 46, Nov 2018
    • Story Points:
      0.125

      Description

      In version 4.0 it looks like "Frontend access: Disabled" has changed in the way it works just a bit.  I think this is related to ZBXNEXT-4573.

      In 3.4 and prior when using LDAP as the authentication mechanism "Disabled" worked as expected by still authenticating API users with frontend access disabled against LDAP instead of the internal database.

      Now that it seems both internal and LDAP can be used at the same time Disabled seems to ignore LDAP even if it's the default and it only looks at the internal user database for authentication.

      I propose one of three fixes:

      • Adjust "Disabled" to read from the default authentication mechanism as it did <4.0.
      • Adjust "Disabled" to read more like "Disabled (internal)"
      • Create a second "Disabled" option so there's one for internal, and one for LDAP

      The latter is the preferred method as it provides the most flexibility and keeps the functionality that many like myself are used to present.

      As it stands, anyone using LDAP that upgrades to 4.0 that's doing anything via the API will face authentication failures which can be a very big deal.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                gcalenko Gregory Chalenko
                Reporter:
                jonathanspw Jonathan W
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: