Http authorization monitoring

RY1 · July 31, 2008, 9:22am

Hi all,

Except the network drive monitoring which I have posted before, I have a problem to monitor http server with authorization , the web server program is PHP, I want to use nagios to monitor the first page + try to login. It seems doesn’t work, is it related to PHP “POST” problem? or any idea to moniotr PHP web server + Auth requirement? Thanks.

Loose · July 31, 2008, 9:36am

Hi!

could you post some of your config files, to see how you’re configuring your services ?

RY1 · July 31, 2008, 9:46am

Thanks,
I had use the command to test it

/usr/local/nagios/libexec/check_http --authorization=admin:abc123 -w 5 -c 10 -H 10.2.40.164 -u /checklogin/
(For this one, the web program is PHP, even the authorization information is wrong, I see get the message “HTTP OK - HTTP/1.1 302 - 0.214 second response time |time=0.214214s;5.000000;10.000000;0.000000 size=537B;;;0
”
/usr/local/nagios/libexec/check_http --authorization=nagiosadmin:nagiosadmin -w 5 -c 10 -H 10.2.40.164 -u /nagios/
(For this one, is a simple html problem, the auth is working)

RY1 · July 31, 2008, 9:54am

(Revised) /usr/local/nagios/libexec/check_http --authorization=nagiosadmin:nagiosadmin -w 5 -c 10 -H 10.2.40.164 -u /nagios/
(For this one, is a simple html program, the auth is working)

Loose · July 31, 2008, 11:03am

your problem here is that the server is doing a redirection (that’s what the code “302” means).
To follow a redirection, add “-f follow” in your command line

also, don’t hesitate to use “-v” when testing: the verbose option writes what the plugin receives from the server; this might help you troubleshot your problems

hope this helps

RY1 · July 31, 2008, 11:17am

Thanks, Thanks.
However, I have added “-f follow” paramter, it seems still noe work.
/usr/local/nagios/libexec/check_http --authorization=bob:bob -w 5 -c 10 -H 10.2.40.164 -f follow -u /index.php/main/checklogin/
HTTP OK HTTP/1.1 200 OK - 5545 bytes in 0.453 seconds |time=0.453338s;5.000000;10.000000;0.000000 size=5545B;;;0

Strides · August 5, 2008, 2:24pm

Just wondering, does that second page uses basic authentication at all (i.e. when you open in a browser does the popup box appear for you to enter your user/pass) or is it the case that there is a user/pass login form integral to that page? If it is the later, check_http’s -a option only supports basic auth (i.e. the former ‘challenge’ style that appears with a popup box before you can view a webpage) and doesn’t know anything about filling in integral forms, so I suspect that the OK you are seeing is correct in that it has ‘successfully’ retireved the webpage that contains the login form, although that isn’t doing what you want it to do…