On 27.08.2013 19:16, Schmiechen, Sarah wrote: > Thanks Michael - I'll look into this. Would this be worth documenting if I > get it working?
Sure :) The wiki works even faster now with confluence 5 and some jvm tuning so everyone should get their hands dirty on the howtos over there. > > -- > SWAMP Developer, High Throughput Computing Group > Indiana University Research Technologies division of UITS; Research > Technologies is a PTI Cyberinfrastructure& Service Center. > > > > > > > On 8/14/13 6:17 AM, "Michael Friedrich"<[email protected]> > wrote: > >> On 13.08.2013 16:33, Schmiechen, Sarah wrote: >>> Thanks Michael. >>> >>> If I do a second installation that I want to be completely public, can >>> I just bypass this and turn off authentication altogether? It doesn't >>> seem that I can turn off internal authentication without getting an >>> error. We want this dashboard to be completely public, not restricted by >>> IP or anything like that. >> >> "disabling" the internal authentication is done by using a different >> auth provider (like http basic auth) and taking care of the >> authentication variables yourself. >> >> having basic auth, you'll get the popup for login and cannot proceed if >> incorrect information is entered. though, telling apache to use >> SatisfyAny may allow access from different authentication methods than >> plain basic http auth. you'll just need to take care of the required >> variable REMOTE_USER (as for example the classic ui requires that >> attribute to match on the contacts and authorization). >> >> Tricks like SetEnvIf may help here as well, for details refer to the >> apache documentation. >> >> Other than that, it would be reasonable to just disable the >> authentication in your apache configuration, and just passing the >> default user name. >> >>> >>> Would it make sense to insert a link in the UI from the public >>> installation to the protected instance's login screen, and then redirect >>> on logout from the protected instance to the public instance, to >>> simulate logging in and out of one instance? >> >> I would hide the protected interface's url at all cost. no public >> access, and likely put on a different webserver too. the public one >> should only be exposed on a webserver being prepared for that traffic. >> and it should get a different idoutils db user (grants for select and >> execute only) having only read privilegues. further you may keep an eye >> on the amount of data queries (monitor the public interface). people >> tend to do crazy things with websites, especially when they think they >> are "funny" making the sysadmins angry. >> >> kind regards, >> michael >> -- >> DI (FH) Michael Friedrich >> >> mail: [email protected] >> twitter: https://twitter.com/dnsmichi >> jabber: [email protected] >> irc: irc.freenode.net/icinga dnsmichi >> >> icinga open source monitoring >> position: lead core developer >> url: https://www.icinga.org >> >> -------------------------------------------------------------------------- >> ---- >> Get 100% visibility into Java/.NET code with AppDynamics Lite! >> It's a free troubleshooting tool designed for production. >> Get down to code-level detail for bottlenecks, with<2% overhead. >> Download for free and get started troubleshooting in minutes. >> http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktr >> k >> _______________________________________________ >> icinga-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/icinga-users > > > ------------------------------------------------------------------------------ > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > Discover the easy way to master current and previous Microsoft technologies > and advance your career. Get an incredible 1,500+ hours of step-by-step > tutorial videos with LearnDevNow. Subscribe today and save! > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > _______________________________________________ > icinga-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/icinga-users -- DI (FH) Michael Friedrich mail: [email protected] twitter: https://twitter.com/dnsmichi jabber: [email protected] irc: irc.freenode.net/icinga dnsmichi icinga open source monitoring position: lead core developer url: https://www.icinga.org ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk _______________________________________________ icinga-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/icinga-users
