This article describes how to add password protection to the ClusterControl web interface. Please note that in this example the directory where wwwroot files are stored is assumed to be:
/var/www/html/cmon/
/var/www/html/cmonapi/
/var/www/html/clustercontrol/
But on Ubuntu/Debian it is by default:
var/www/cmon/
var/www/cmonapi/
var/www/clustercontrol/
1. Look for your htpasswd binary. This tool is usually located in your Apache bin folder. In case you can't find it, run:
find / -name=htpasswd
htpasswd Documentation: http://httpd.apache.org/docs/2.0/programs/htpasswd.html
2. Run the following command to create a .htpasswd file and create an user called "admin". You will be prompted twice for the password. Enter the password for the user "admin".
sudo htpasswd -cm /var/www/html/cmon/.htpasswd admin
3. Create a file named .htaccess under /var/www/html/cmon/, and insert following content. Save it.
AuthType Basic
AuthName "CMON"
AuthUserFile /var/www/html/cmon/.htpasswd
Require valid-user
4. Copy the .htaccess file created above to /var/www/html/cmonapi and /var/www/html/clustercontrol.
cp /var/www/html/cmon/.htaccess /var/www/html/cmonapi
cp /var/www/html/cmon/.htaccess /var/www/html/clustercontrol
5. Edit httpd.conf and add AllowOverride All.
Redhat/Centos/Fedora:
Edit /etc/httpd/conf/httpd.conf and find the following information:
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
and change to:
AllowOverride All
Save and exit your editor.
Ubuntu/Debian:
Edit /etc/apache2/sites-available/default and locate the following section:
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
and change AllowOverride None to:
AllowOverride All
Save and exit your editor.
6. Restart your web server.
Redhat/Centos/Fedora:
sudo /etc/init.d/httpd restart
Ubuntu/Debian:
sudo /etc/init.d/apache2 restart
7. Access your cmon UI page from the browser. You should be prompted to login. Simply key in the username and password you have provided in step 2.
8. To add more users, use the following command. Note that the flag is -m:
./htpasswd -m /var/www/html/cmon/.htpasswd john
Comments
1 comment
Johan,
This would work okay for admin types. However, we may have some folks we'd like to grant read-only type of access ... so they can monitor but not change anything. Is this something on the road map for CMON?
TIA,
George
Please sign in to leave a comment.