Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-24685

HTTP Authentication only works with Internal accounts

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Won't Do
    • Icon: Trivial Trivial
    • None
    • 6.4.15
    • Frontend (F)
    • None
    • RHEL 8.10, Zabbix 6.4 with Apache HTTPD frontend, local MySQL database

      Steps to reproduce:

      1. Establish working HTTP based Zabbix frontend authentication config
        1. (My existing config uses client certificates, HTTP auth, and pre-existing Zabbix internal accounts)
      2. Configure LDAP Server (with JIT Provisioning) that can perform a successful login (test), with the same username format as is used in the working HTTP based authentication (i.e. the same value that gets set for the PHP_AUTH_USER variable)
        1. (I want to use an LDAP server for identity / access control instead of managing internal accounts)
      3. Set the default authentication to LDAP instead of Internal
      4. Attempt to use HTTP login form

      Result:
      Zabbix login page says the user doesn't exist or is temporarily blocked.
      Expected:
      Zabbix does an LDAP search of the user from the PHP_AUTH_USER variable, performs JIT provisioning, and logs in the user.

            zux Edgars Melveris
            haiken Hayden Aiken
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: