Opened on 03/18/2015 at 03:11:58 PM

Closed on 10/24/2017 at 02:36:35 PM

#2164 closed defect (incomplete)

Switch Monitoring To HTTP Digest Authentication

Reported by: matze Assignee:
Priority: P3 Milestone:
Module: Infrastructure Keywords:
Cc: fhd Blocked By:
Blocking: #2163, #2242 Platform: Unknown
Ready: yes Confidential: no
Tester: Unknown Verified working: no
Review URL(s):


The HTTP Basic Authentication mechanism is currently used to identify users in our Nagios frontend. Changing this to HTTP Digest is fairly trivial, but a nice addition to the SSL encryption layer.

Attachments (0)

Change History (3)

comment:1 Changed on 03/31/2015 at 12:06:17 PM by matze

  • Blocking 2242 added

comment:2 Changed on 11/17/2016 at 01:58:56 PM by poz2k4444

  • Tester set to Unknown
  • Verified working unset

This is fairly trivial indeed on the config file but nginx need to be recompiled since it doesn't have the digest auth out of the box but as a third party module:

So I'm postponing this implementation for now.

comment:3 Changed on 10/24/2017 at 02:36:35 PM by matze

  • Resolution set to incomplete
  • Status changed from new to closed

Obsolete by now. And arguably ever since we ensure all services to be available via HTTPS only, which significantly limits the number of scenarios where the credentials would be passed in clear-text (e.g. a browser session with cached credentials and explicit access to an http resource on the same domain).

Add Comment

Modify Ticket

Change Properties
as closed .
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from (none).
Note: See TracTickets for help on using tickets.