A more direct question: Torsten Fellhauer wrote a patch for this back in the 1.2 days. Did that functionality ever make it into mainstream, and if so, how do I config for it?
On Fri, 2008-05-23 at 12:09 -0500, Owen LaGarde wrote: > I've seen reference to using the SSL certificate authentication > performed by httpd to drive Nagios user identification -- the LCG wiki > at https://twiki.cern.ch/twiki/bin/view/LCG/GridMonitoringNagiosInstall > mentions a form of this. I'd like to go a step further and use one of > the environment variables (specifically SSL_CLIENT_S_DN_CN) defined by > mod_ssl to specify the user name. This is primarily driven by a number > of issues -- well outside the scope of this list -- springing from the > DoD's use of this certificate component. The basic idea is to set an > environment variable, say, USERNAME, to SSL_CLIENT_S_DN_CN when mod_ssl > builds the session, and have Nagios honor it as trusted and assign > roles/capabilities to it in the usual places. As an example see Numara > Footprints' use of USERNAME and mod_ssl. Does anyone else do this? > > -- Sincerely, Owen LaGarde Senior Systems Administrator [EMAIL PROTECTED] 1-800-522-6937 x4879 Engineering Research and Development Center attn: CEERD-IH-C (Owen LaGarde) 3909 Halls Ferry Road Vicksburg, MS 39180-6199
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Nagios-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
