Hi,
The GET method for https://<cacti>/graph_image.php?tokenauth_userid=<userid>&tokenauth_token=<token> returns an error: "FATAL: You must be logged in to access this area of Cacti".
What could be the reason for this error?
- Plugin: https://github.com/netniV/plugin_tokenauth
- Cacti version 1.2.22
- Plugin Token Authentication enabled
- Account enabled
- Auth token for account enabled
- The token is generated correctly (verification with a public key returns success)
The Token Authentication plugin is not working
Moderators: Developers, Moderators
- TheWitness
- Developer
- Posts: 17007
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: The Token Authentication plugin is not working
You need a session cookie first. If you look at the tests/tools folder, you can find a check_all_pages.sh script to show you how to do it. You simply need to pass the session cookie in each GET or POST.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Re: The Token Authentication plugin is not working
Unfortunately I still get the error: "FATAL: You must be logged in to access this area of Cacti".
$this->temp_cookie = '/tmp/cacti_cookie';
1. I use CURL for download "__csrf_magic"
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
2. I log in using POST data action=login&login_username=admin&login_password=${login_pw}&__csrf_magic=${magic}
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
3. Logging in is correct because in the response I see "Logged in as admin"
4. Execution of the GET request with CURLOPT_COOKIEFILE to graph_image.php returns an error: "FATAL: You must be logged in to access this area of Cacti".
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
$this->temp_cookie = '/tmp/cacti_cookie';
1. I use CURL for download "__csrf_magic"
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
2. I log in using POST data action=login&login_username=admin&login_password=${login_pw}&__csrf_magic=${magic}
curl_setopt($ch, CURLOPT_COOKIEJAR, $this->temp_cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
3. Logging in is correct because in the response I see "Logged in as admin"
4. Execution of the GET request with CURLOPT_COOKIEFILE to graph_image.php returns an error: "FATAL: You must be logged in to access this area of Cacti".
curl_setopt($ch, CURLOPT_COOKIEFILE, $this->temp_cookie);
- TheWitness
- Developer
- Posts: 17007
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: The Token Authentication plugin is not working
You should do a tcpdump + wireshark to ensure things are being passed and authenticated correctly.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
-
- Posts: 1
- Joined: Mon Sep 26, 2022 3:32 am
Re: The Token Authentication plugin is not working
In case someone will face the same problem - it was resolved by enabling guest user in Cacti authentification settings.
- TheWitness
- Developer
- Posts: 17007
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: The Token Authentication plugin is not working
Yea, Guest fixes a lot of problem, but netniV's plugin may make it into Cacti for other reasons in the next 6 months or so.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Who is online
Users browsing this forum: No registered users and 6 guests