Opened 5 years ago

Closed 2 years ago

#2164 closed defect (incomplete)

Switch Monitoring To HTTP Digest Authentication

Reported by: matze Assignee:
Priority: P3 Milestone:
Module: Infrastructure Keywords:
Cc: fhd Blocked By:
Blocking: #2163, #2242 Platform: Unknown
Ready: yes Confidential: no
Tester: Unknown Verified working: no
Review URL(s):

Description

The HTTP Basic Authentication mechanism is currently used to identify users in our Nagios frontend. Changing this to HTTP Digest is fairly trivial, but a nice addition to the SSL encryption layer.

Change History (3)

comment:1 Changed 5 years ago by matze

  • Blocking 2242 added

comment:2 Changed 3 years ago by poz2k4444

  • Tester set to Unknown
  • Verified working unset

This is fairly trivial indeed on the config file but nginx need to be recompiled since it doesn't have the digest auth out of the box but as a third party module:

https://www.nginx.com/resources/wiki/modules/auth_digest/

So I'm postponing this implementation for now.

comment:3 Changed 2 years ago by matze

  • Resolution set to incomplete
  • Status changed from new to closed

Obsolete by now. And arguably ever since we ensure all services to be available via HTTPS only, which significantly limits the number of scenarios where the credentials would be passed in clear-text (e.g. a browser session with cached credentials and explicit access to an http resource on the same domain).

Note: See TracTickets for help on using tickets.