Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-4741

authentication configuration page still uses "profiles" table

    Details

    • Type: Incident report
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.0.0rc1
    • Fix Version/s: 2.0.2rc1, 2.1.0
    • Component/s: Frontend (F)
    • Labels:
      None

      Description

      We are considering Administration -> Authentication page.
      As we know in the 1.8 frontend if an user selects any value of "Default authentication" it is preserved in the "profiles" table.
      Then this value will be shown when the user visits the page, disregarding on fact that actual authentication stored in a "config" table and it can be different (yes, I know about an visible checkbox).

      A value stored in the profiles table:
      mysql> SELECT userid, idx, value_int FROM `profiles` WHERE `idx` LIKE '%authentication%';
      ------------------------------------------

      userid idx value_int

      ------------------------------------------

      1 web.authentication.config 0

      ------------------------------------------

      Where "value_int" it's last time selected authentication_type:
      0 - internal (authenticated by Zabbix)
      1 - External LDAP
      2 - External HTTP

      A scenario:
      1. Suppose a zabbix super admin using 1.8.x frontend once has selected HTTP (or LDAP is similar example) authentication and left it (without saving changes).
      2. He has upgraded to 2.0 version.
      3. Once it opened the Administration -> Authentication page (using 2.0 frontend already).
      4. He will see that "HTTP" radio-button will be highlighted which should mean the HTTP default authentication, but he knows that actually "Internal" should be highlighted.
      5. He clicks on "Internal" button and will see that Save button is not "clickable" (not active).
      My guess - the Save button is not active because in the "config" table the current "Internal" auth already defined.

      So it's bad behavior which can mislead users.

      To solve this case I'm suggesting to not use "profiles" table to store the "idx=web.authentication.config" record at all but use only "config" table to show actual current default authentication method.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                zalex_ua Oleksiy Zagorskyi
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: