HTTP Authentication only works with Internal accounts

XMLWordPrintable

    • Type: Problem report
    • Resolution: Won't Do
    • Priority: Trivial
    • None
    • Affects Version/s: 6.4.15
    • Component/s: Frontend (F)
    • None
    • Environment:
      RHEL 8.10, Zabbix 6.4 with Apache HTTPD frontend, local MySQL database

      Steps to reproduce:

      1. Establish working HTTP based Zabbix frontend authentication config
        1. (My existing config uses client certificates, HTTP auth, and pre-existing Zabbix internal accounts)
      2. Configure LDAP Server (with JIT Provisioning) that can perform a successful login (test), with the same username format as is used in the working HTTP based authentication (i.e. the same value that gets set for the PHP_AUTH_USER variable)
        1. (I want to use an LDAP server for identity / access control instead of managing internal accounts)
      3. Set the default authentication to LDAP instead of Internal
      4. Attempt to use HTTP login form

      Result:
      Zabbix login page says the user doesn't exist or is temporarily blocked.
      Expected:
      Zabbix does an LDAP search of the user from the PHP_AUTH_USER variable, performs JIT provisioning, and logs in the user.

            Assignee:
            Edgars Melveris
            Reporter:
            Hayden Aiken
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: