Opened on 03/18/2015 at 03:11:58 PM
Closed on 10/24/2017 at 02:36:35 PM
#2164 closed defect (incomplete)
Switch Monitoring To HTTP Digest Authentication
Reported by: | matze | Assignee: | |
---|---|---|---|
Priority: | P3 | Milestone: | |
Module: | Infrastructure | Keywords: | |
Cc: | fhd | Blocked By: | |
Blocking: | #2163, #2242 | Platform: | Unknown |
Ready: | yes | Confidential: | no |
Tester: | Unknown | Verified working: | no |
Review URL(s): |
Description
The HTTP Basic Authentication mechanism is currently used to identify users in our Nagios frontend. Changing this to HTTP Digest is fairly trivial, but a nice addition to the SSL encryption layer.
Attachments (0)
Change History (3)
comment:1 Changed on 03/31/2015 at 12:06:17 PM by matze
- Blocking 2242 added
comment:2 Changed on 11/17/2016 at 01:58:56 PM by poz2k4444
- Tester set to Unknown
- Verified working unset
comment:3 Changed on 10/24/2017 at 02:36:35 PM by matze
- Resolution set to incomplete
- Status changed from new to closed
Obsolete by now. And arguably ever since we ensure all services to be available via HTTPS only, which significantly limits the number of scenarios where the credentials would be passed in clear-text (e.g. a browser session with cached credentials and explicit access to an http resource on the same domain).
Note: See
TracTickets for help on using
tickets.
This is fairly trivial indeed on the config file but nginx need to be recompiled since it doesn't have the digest auth out of the box but as a third party module:
https://www.nginx.com/resources/wiki/modules/auth_digest/
So I'm postponing this implementation for now.