Checking website with LDAP authentication

Nagios Nagios Plugins support
1

I am trying to setup a Nagios check that hits a web address and logs in via an LDAP user and password. Using a browser, the website returns a pop-up box asking for username and password. I have tried using the check_http plugin with no success.

check_http -H foo.domain.com -u /path_to_secure -S -s “string I am looking for” -a ‘user:password’

The web server log shows the connection coming in but I get an authorization failed (401). We have Sitescope logging into this website and working just fine.

Any ideas or recommendations on how to monitor this?

2

you should have a log of the authentication attempts… is there anything? or nothing at all?

3

I run the check with the -v option and get the following:

GET /discoverer/viewer HTTP/1.0
User-Agent: check_http/v1861 (nagios-plugins 1.4.11)
Connection: close
Host: foo.com
Authorization: Basic c2l0ZXNjb3BlOnBhc3MxMjNcIQ==

foo.com:443/discoverer/viewer is 557 characters
STATUS: HTTP/1.1 401 Unauthorized
**** HEADER ****
Server: Sun-ONE-Web-Server/6.1
Date: Mon, 22 Jun 2009 19:02:50 GMT
Set-Cookie: ObSSOCookie=loggedoutcontinue; path=/; domain=.foo.com;
Set-Cookie: OBBasicAuth=fromDialog; path=/;
WWW-authenticate: basic realm="LDAP username + password"
Set-cookie: OBBasicAuth=fromDialog; path=/;
Connection: close
**** CONTENT ****

Unauthorized

Unauthorized

Proper authorization is required for this area. Either your browser does not perform authorization, or your authorization has failed. HTTP WARNING: HTTP/1.1 401 Unauthorized
4

10.x.x.xxx - - [22/Jun/2009:14:02:50 -0500] “GET /discoverer/viewer HTTP/1.0” 401 223 “-” “check_http/v1861 (nagios-plugins 1.4.11)” 2xx.x.xx.x foo.com

This is on the webserver log file.

5

I figured the problem out. Instead of using the -H and putting in the FQDN of the vhost, I put in its IP address and used the -I option. It worked so I knew something was messing up during the resolution of the name. I tried the -H option again, but this time I just used the name without the foo.com at the end. It worked both from command line and in the services.cfg file. Thought I would pass this along.

6

thanks for sharing :slight_smile: