Welcome to Questions - Ask OpenNMS, where you can ask questions and receive answers from other members of the community.

http redirect to opennms

0 votes
1,850 views

Hi,

I am trying to understand if it is possible to redirect with password embeded from my web site to opennms.

I saw this that : "When using the jetty webserver (the most common), you have the option of using HTTP basic authentication to provide credentials of a user one of those roles. Note that the webserver will not send a 401 response if you do not provide the credentials up front; rather, it will send back an HTML form. So if you're using wget, you will need the --auth-no-challenge parameter. Other tools will vary in how you force the sending of the credentials on the initial request (for example, some may allow you to embed the username/password in the URL)."

I did some experiments but with no luck. However I don´t know if I am doing the request properly or not.

Does any one had the same problem?

OpenNMS version
asked Jul 7, 2014 by Russo (570 points)

1 Answer

0 votes
I've seen this behavior as a side effect in my setup. I use NGINX as SSL reverse proxy in front of my OpenNMS. I don't want to give everybody the OpenNMS Login screen directly so I configured NGINX with base authentication. If you use the same credentials for the NGINX base authentication as in OpenNMS, you will be directly passed into OpenNMS with this user and you don't have to login twice. The downside of this setup, you have to close the browser completely to login with a different account.
answered Jul 16, 2014 by indigo (11,140 points)
Thanks for the reply, I´ll give it some thought about your approach.
Meanwhile I did a javascript function that handles ( a little bit for brute force) the redirect.

the code is something like this:

<!DOCTYPE html>
<html>
    <head>
        <title>Start Page</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <script src="js/libs/jquery/jquery.js"></script>
        <script src="js/libs/jquery-cookie/jquery.cookie.js"></script>
        <script src="js/libs/jqueryui/jquery-ui.js"></script>
        <script>
            function sim(url) {
                $.ajax({
                    // The 'type' property sets the HTTP method.
                    // A value of 'PUT' or 'DELETE' will trigger a preflight request.
                    type: 'POST',
                    // The URL to make the request to.
                    url: url,
                    // The 'contentType' property sets the 'Content-Type' header.
                    // The JQuery default for this property is
                    // 'application/x-www-form-urlencoded; charset=UTF-8', which does not trigger
                    // a preflight. If you set this value to anything other than
                    // application/x-www-form-urlencoded, multipart/form-data, or text/plain,
                    // you will trigger a preflight request.
                    contentType: 'application/x-www-form-urlencoded',
                    data: {
                        j_username: "admin",
                        j_password: "admin"
                    },
                    dataType: 'html',
                    beforeSend: function(xhr) {
                    },
                    xhrFields: {
                        // The 'xhrFields' property sets additional fields on the XMLHttpRequest.
                        // This can be used to set the 'withCredentials' property.
                        // Set the value to 'true' if you'd like to pass cookies to the server.
                        // If this is enabled, your server must respond with the header
                        // 'Access-Control-Allow-Credentials: true'.
                        withCredentials: true
                    },
                    crossDomain: true
                    ,
                    headers: {
                        // Set any custom headers here.
                        // If you set any non-simple headers, your server must include these
                        // headers in the 'Access-Control-Allow-Headers' response header.

                    },
                    success: function(data, textStatus, jqXHR) {
                        var html = new String(jqXHR.responseText).indexOf("j_spring_security_check") !== -1
                                ? sim("http://10.46.16.85:8980/opennms/j_spring_security_check") : jqXHR.responseText;
                        $("#nhecas").html(html);

                    },
                    error: function() {
                        // Here's where you handle an error response.
                        // Note that if the error was due to a CORS issue,
                        // this function will still fire, but there won't be any additional
                        // information about the error.
                    },
                    statusCode: {
                        302: function() {
                            console.log("302 caccado");
                        }
                    }
                });
            }
            var initialURL='http://10.46.16.85:8980/opennms/graph/results.htm?quiet=true&zoom=true&relativetime=custom&resourceId=node%5b62%5d.nodeSnmp%5b%5d&reports=mplsVpnScalars.mplsVpnActiveVrfs&start=1405409792983&end=1405496192983';
        </script>
    </head>
    <body  onload="sim(initialURL);" id="formId">
        <div  id="nhecas" style="width: 1000px; background: black; height: 500px; "></div>
    </body>
</html>
...