[Xymon] restrict access to Xymon not working as expected

[Raymond, David]

Hi,

I have the same problem as Alessandro. I running SLES 12.2.
Same result, try different way, no prompt of user.

Thanks to help

David Raymond

D: 450.357.7000 x7064 C: 514.603.0986 F: 450.357.7050
www.batiparbarrette.com
[Logo Barrette]


From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Alessandro Tinivelli
Sent: Wednesday, December 14, 2016 12:06 PM
To: xymon at xymon.com
Subject: [Xymon] restrict access to Xymon not working as expected

Hallo everyone,

sorry if the question has already been asked, but i could not find any answer in google:

my brand new xymon installation (Xymon 4.3.27-1.el7.terabithia) on Centos7 has the liens below in apache config file:
I have created the /etc/xymon/xymonpasswd file , but the access is still free with no pass request.
Is there something I did not understand? Should this file located somewhere else?

Thank you in advance
Alessandro

----
# Password file where users with access to these scripts are kept.
    # Although expected in $XYMONHOME/etc/ by the useradm and chpasswd
    # scripts, files here can be read with the "config" message type,
    # which allows status-privileged clients to read arbitrary regular files
    # from the directory.
    #
    # This file should be owned and readable only by the apache server user,
    # and ideally merely a symlink to a location outside of $XYMONHOME/etc/
    #
    # Create it with:
    #   htpasswd -c /etc/xymon/xymonpasswd USERNAME
    #   chown apache:apache /etc/xymon/xymonpasswd
    #   chmod 640 /etc/xymon/xymonpasswd
    # Add more users / change passwords with: "htpasswd /etc/xymon/xymonpasswd USERNAME"
    #
    # You can also use a group file to restrict admin access to members of a
    # group, instead of anyone who is logged in. In that case you must setup
    # the "xymongroups" file, and change the "Require" settings to require
    # a specific group membership. See the Apache docs for more details.

    AuthUserFile /etc/xymon/xymonpasswd
    AuthGroupFile /etc/xymon/xymongroups
    AuthType Basic
    AuthName "Xymon Administration"

    # "valid-user" restricts access to anyone who is logged in.
    Require valid-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20161221/dc1551ff/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 2512 bytes
Desc: image001.gif
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20161221/dc1551ff/attachment.gif>