centreon / centreon-archived

Centreon is a network, system and application monitoring tool. Centreon is the only AIOps Platform Providing Holistic Visibility to Complex IT Workflows from Cloud to Edge.
https://www.centreon.com
GNU General Public License v2.0

21.10.13 - API user with admin privileges no longer able to authenticate #11994

Open flex-pgum opened 1 year ago

flex-pgum commented 1 year ago

BUG REPORT INFORMATION

Prerequisites

The opened issue, must be code related. GitHub is not meant for support. Feel free to check the CONTRIBUTING section for more details.

Versions

Centreon Web 21.10.13

Operating System

CentOS 7

Browser used

Description

-- Describe the encountered issue --

Steps to Reproduce

Please describe precisely the steps to reproduce the encountered issue.

  1. Create new user with following permissions:
    • admin: true
    • reach api configuration: true
    • reach api realtime: true
    • reach centreon front-end: false
  2. Call the authenticate endpoint with the credentials of the newly created user using curl or postman ("{server}/centreon/api/latest/login")

Describe the received result

HTTP 401 Unauthorized

Describe the expected result

JSON containing a token

Additional relevant information (e.g. frequency, ...)

Already found the cause for this problem: in the 21.10.13 patch there was a change to "www/class/centreonAuth.class.php" on line 234 regarding the login requirements.

It would be very helpful, not just for us but I would say for everyone, if a user who is only used for accessing the API were able to get a token but not able to reach the front-end, because he doesn't need it.

itsul commented 1 year ago

We can confirm this issue too. We are using API users for scripts, which stopped working on 21.10.13. We had to give the users the permission to reach the Centreon front-end; otherwise we got the same error. The behavior should be changed back to what it was before.
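
A post-upgrade check for the reproduction steps in the report, as an added example that is not part of the original issue or of Centreon's code: it sends the login request for each API-only account and lists the ones refused with HTTP 401. The JSON body layout and the `security.token` response field are assumptions based on the Centreon API v2 login format, and the function names are hypothetical.

```python
import json
import urllib.error
import urllib.request

LOGIN_PATH = "/centreon/api/latest/login"  # endpoint path quoted in the issue


def build_login_request(server, login, password):
    """Build the POST that reproduction step 2 sends to the login endpoint."""
    # Assumption: credentials are nested under security.credentials (API v2).
    body = {"security": {"credentials": {"login": login, "password": password}}}
    return urllib.request.Request(
        server.rstrip("/") + LOGIN_PATH,
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )


def check_api_login(server, login, password, timeout=10):
    """Return (status, detail) for one account.

    status is 'ok' (a token was issued), 'denied' (HTTP 401, the result
    described in the issue) or 'error' (unreachable server, malformed reply).
    """
    request = build_login_request(server, login, password)
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            payload = json.loads(response.read().decode("utf-8"))
    except urllib.error.HTTPError as exc:
        if exc.code == 401:
            return ("denied", "HTTP 401 Unauthorized")
        return ("error", f"HTTP {exc.code}")
    except (urllib.error.URLError, ValueError, OSError) as exc:
        return ("error", str(exc))
    security = payload.get("security") if isinstance(payload, dict) else None
    token = security.get("token") if isinstance(security, dict) else None
    # Report only that a token was issued; never return or log its value.
    return ("ok", "token issued") if token else ("error", "no token in response")


def denied_accounts(server, accounts, timeout=10):
    """Logins from `accounts` ((login, password) pairs) that got HTTP 401."""
    return [
        login
        for login, password in accounts
        if check_api_login(server, login, password, timeout)[0] == "denied"
    ]
```

Running `denied_accounts` against a staging instance before and after an upgrade shows whether accounts without front-end access can still obtain a token.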