Login from a login form on another Website

[cb250]

We are trying to configure our website to allow a customer to login to cacti via a form. In other words, a customer would go to our Website, select Cacti from the list of tools, type in their username and password and login. Currently, the login request is not being granted, but instead directs the user to the standard login screen. We have other tools that work using this method.

Does Cacti require that the login info come from index.php? Any ideas as to how I can make this work? We use the following form:

<form name='login_frm' action='' method='post' onSubmit='return validate(this);'>
<tr>
<td><b>Username:</b></td>
<td><input type='text' name='usr' maxlength=45 /></td>
</tr>
<tr>
<td><b>Password:</b></td>
<td><input type='password' name='pwd' maxlength=15 /></td>
</tr>
<tr>
<td><b>Site:</b></td>
<td>
<select name='sites'>
<option value='http://cacti.domain.com/cacti/index.php ... th</option>
</select>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td>
<input type='submit' name='submit' value=' Login ' />
</td>
</tr>

</form>
</table>



Thanks,

CDB

[rony]

Ok I know this code like the back of my hand.... Well, better, as I don't look at the back of my hand as much..

1. Form method must be POST
2. Username is expected to be passed as "login_username"
3. Password is expected to be passed as "login_password"
4. You will need a hidden variable called "action" with a value of "Login"

How you will do this from your site, well that's up to you. You might have to do some strange things to get it to post right, like have some hidden elements that you copy the values to before you submit the form with javascript. This way you can retain the username/password field names you need for other applications and it will work with cacti.

Also, by not modifing the cacti code, you are in a better position to install upgrades in the future without having to reapply these changes.

Any questions, let me know.

[SJFriedl]

Hmmm, this is helpful... partly.

We have a monitoring page outside of Cacti upon which we placed a {form} which provides this functionality:

(form action="http://myurl.example.com/cacti/" method="POST")
(input type=hidden name="login_username" value="customername")
(input type=hidden name="login_password" value="hispassword")
(input type=hidden name="action" value="login")
(input type=submit value="Go To Cacti")
(/form)

In a fresh browser, this works great. The form is submitted, and Cacti replies with a 302 ("Found") with the redirect to the proper view_graph.php page, and it sets the PHPSESSID cookie. The browser takes this and hits the proper page. All is well.

But if in the same browser session we got back to the first page and click the same form link again, Cacti responds with an access denied error. Sniffing the TCP, I see that the only difference is that the HTTP request includes the PHPSESSID cookie.

That particular session file (/tmp/sess_{longsessionname}) is there, though I haven't dug into the contents.

Using the printf-debugging method, I see that the test

select user_auth_realm.realm_id from user_auth_realm ...

is failing. After a "working" connection, I don't see that user_auth_realm contains a valid {realm,userid} entry, so either it's not being created, or it's getting deleted.

At this point I am way beyond my experience with the GUI - I'm a poller guy - so am appealing to the forum for help.

Any ideas? This is really causing me difficulties.

Steve

[rony]

I can see that happening, and I didn't think it all they way through.

So, your answer, if this is for customers, is to not set the post to the "<server>/cacti/", but to set it to "<server>/cacti/graph_view.php". This should resolve the issue you are having. And should get the customer to the correct URL everytime.

[SJFriedl]

Well this is a segueway into the other problem, perhaps related: when I post to graph_view.php as suggested, it always gives a blank page. If I do the first click from the other page to cacti, the blank page doesn't appear to be logged in as anybody, and if I manually login to get a session in the same browser, then it shows me a blank page with "Logged in as {customer}" in the upper right.

I guess it's back to printf debugging for me

[rony]

Um...

I take that back, because if Guest access is enabled and there is no session, sending it to graph_veiw.php will not work.

Let me ponder, I might have a solution for this issue.

[SJFriedl]

Well we don't want guest access at all: deleting the name of the guest account in Settings -> Authentication seems to have fixed this.

Thanks!

[rony]

Ok, so sending it to graph_view.php with guest access disabled works? And that is what you wanted?

Otherwise, I was going to write a simple gateway login script.