Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-15353

API login asks for password with HTTP authentication enabled

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Fixed
    • Icon: Minor Minor
    • 4.2 (plan)
    • 4.0.3
    • Documentation (D)
    • None
    • Sprint 47, Dec 2018, Sprint 48, Jan 2019
    • 0.5

      from documentation :

      When using HTTP authentication, the user name in the API request must match the one used in the Authorization header. The password will not be validated and can be omitted.

      httpuser - some user with http authentication enabled
      httppassword - http password for this user

      on 3.0 instance when logging in with http auth:
      request:

      curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php

      response:

      {"jsonrpc":"2.0","result":"6567ec78a7be64d96f5b9069699ab238","id":0}

      on 4.0.3 instance logging in with http auth:
      request:

      curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php

      response:

      {"jsonrpc":"2.0","error":{"code":-32602,"message":"Invalid params.","data":"Invalid parameter \"/\": the parameter \"password\" is missing."},"id":0}

      expected:
      Session token is returned

            gcalenko Gregory Chalenko
            kaspars.mednis Kaspars Mednis
            Team D
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: