Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-15353

API login asks for password with HTTP authentication enabled

    XMLWordPrintable

Details

    • Problem report
    • Resolution: Fixed
    • Minor
    • 4.2 (plan)
    • 4.0.3
    • Documentation (D)
    • None
    • Team D
    • Sprint 47, Dec 2018, Sprint 48, Jan 2019
    • 0.5

    Description

      from documentation :

      When using HTTP authentication, the user name in the API request must match the one used in the Authorization header. The password will not be validated and can be omitted.

      httpuser - some user with http authentication enabled
      httppassword - http password for this user

      on 3.0 instance when logging in with http auth:
      request:

      curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php
      

      response:

      {"jsonrpc":"2.0","result":"6567ec78a7be64d96f5b9069699ab238","id":0}
      

      on 4.0.3 instance logging in with http auth:
      request:

      curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php
      

      response:

      {"jsonrpc":"2.0","error":{"code":-32602,"message":"Invalid params.","data":"Invalid parameter \"/\": the parameter \"password\" is missing."},"id":0}
      

      expected:
      Session token is returned

      Attachments

        Issue Links

          Activity

            People

              gcalenko Gregory Chalenko
              kaspars.mednis Kaspars Mednis
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: