Details
-
Problem report
-
Resolution: Fixed
-
Minor
-
4.0.3
-
None
-
Team D
-
Sprint 47, Dec 2018, Sprint 48, Jan 2019
-
0.5
Description
from documentation :
When using HTTP authentication, the user name in the API request must match the one used in the Authorization header. The password will not be validated and can be omitted.
httpuser - some user with http authentication enabled
httppassword - http password for this user
on 3.0 instance when logging in with http auth:
request:
curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php
response:
{"jsonrpc":"2.0","result":"6567ec78a7be64d96f5b9069699ab238","id":0}
on 4.0.3 instance logging in with http auth:
request:
curl -u httpuser:httppassword -i -X POST -H 'Content-Type:application/json' -d'{"jsonrpc": "2.0","method":"user.login","params":{"user":"httpuser"},"id":0}' http://127.0.0.1/zabbix/api_jsonrpc.php
response:
{"jsonrpc":"2.0","error":{"code":-32602,"message":"Invalid params.","data":"Invalid parameter \"/\": the parameter \"password\" is missing."},"id":0}
expected:
Session token is returned
Attachments
Issue Links
- caused by
-
ZBXNEXT-4573 Single Sign-on using webserver
-
- Closed
-