Issue with OAuth2

[stwongst]

Hello,

We enabled Thruk to authenticate with Keycloak through OAuth2. We've got 2 issues:

• as the REMOTE_USER apache environment variable is not set, integration with tools like Nagvis that depends on Apache authentication doesn't work.
• the logout URL points to logout endpoint on Keycloak. This makes the logout button doesn't work if user login as local user. Can we have option to logout both ?

Thanks and Regards

[stwongst]

Update: found that $_SERVER[REMOTE_USER] is defined no matter using local authentication or OAuth2. However, other application on the same Apache can't get this variable for single sign on. Is it possible to do so?

Seems Thruk is not using Apache basic authen, also unable to do single sign on with other applications under same Apache authentication realm.

Would anyone please help? Thanks and Regards

[sni]

You need to integrate nagvis into your oauth itself, they are 2 separate tools. It is possible to use Thruk as entry point for all monitoring related tools, like we do in OMD. But that requires a lot of apache dark magic and even more when oauth is involved. But you can have a look at the OMD apache config here: https://github.com/ConSol-Monitoring/omd/tree/labs/packages/thruk/skel/etc/thruk maybe that helps. Probably easier to switch nagvis to oauth if that's possible.

[stwongst]

Got it. Will try to study the easier way first :-)

Thanks a lot.