-
Change Request
-
Resolution: Unresolved
-
Minor
-
None
-
1.8.22
-
Apache 2.2 webserver running the PHP frontend on a Linux system
-
10
With authentication set to "http" Zabbix should also allow negotiate logins such as Kerberos. This patch to index.php allows these logins.
--- /home/xxxx/src/zabbix-1.8.5/frontends/php/index.php 2011-04-15 21:17:31.000000000 +0200
+++ index.php 2011-04-18 09:55:29.000000000 +0200
@@ -65,6 +65,14 @@
$_REQUEST['name'] = $_SERVER['PHP_AUTH_USER'];
$_REQUEST['password'] = 'zabbix';//$_SERVER['PHP_AUTH_PW'];
}
+// BEGIN added by xxxx
+ elseif(isset($_SERVER['AUTH_TYPE']) && $_SERVER['AUTH_TYPE']=='Negotiate'){
+ if(!isset($sessionid)) $_REQUEST['enter'] = 'Enter';
+ $user_parts = explode('@',$_SERVER['REMOTE_USER']);
+ $_REQUEST['name'] = strtoupper($user_parts[0]);
+ $_REQUEST['password'] = 'zabbix';//$_SERVER["PHP_AUTH_PW"];
+ }
+// END added by xxxx
else{
access_deny();
}
Please note, that there is a strtoupper for the username. This is because Linux sends the username in lowercase, Windows in uppercase. In my opinion usernames should not be case sensitive (as it is in Zabbix) but with this workaround it works well.
- is duplicated by
-
ZBXNEXT-1266 Allow Single-Sign-On (SSO) through Kerberos
-
- Closed
-
-
-
- Closed
-
-
ZBX-8639 HTTP authentication with user certificate in browser
-
- Closed
-
-
-
- Closed
-
- part of
-
-
- Closed
-