Merge branch 'master' of mathias-kettner.de:omd
[omd.git] / packages / thruk / THRUK_COOKIE_AUTH.hook
blob41eee4a735752fb782287c65bdeaedf3b73e22f0
1 #!/bin/bash
3 # Alias: Use thruk cookie auth
4 # Menu: Web GUI
5 # Description:
6 # Thruk provides a cookie based authentication which can be
7 # used as alternative to the default basic authentication.
8 # The cookie authentication is done by Thruk but it
9 # covers all other addons as well.
11 case "$1" in
12 default)
13 echo "off"
15 choices)
16 echo "on: use cookie authentication"
17 echo "off: use basic authentication"
19 set)
20 APACHE_CFG=${OMD_ROOT}/etc/apache/conf.d/thruk_cookie_auth.conf
21 if [ "$2" == "on" ]; then
22 cat > $APACHE_CFG <<EOF
23 <IfModule !mod_authz_core.c>
24 RewriteLock "\${OMD_ROOT}/var/thruk/apache_rewrite.lock"
25 </IfModule>
26 RewriteMap users prg:\${OMD_ROOT}/share/thruk/script/thruk_auth
28 # make cookie accessible by the url
29 RewriteCond %{REQUEST_URI} !^/\${OMD_SITE}/thruk/cgi-bin/restricted.cgi
30 RewriteCond %{HTTP_COOKIE} (thruk_auth=[^;]+|$) [NC]
31 RewriteRule ^/(.*)$ /%1/%{REMOTE_ADDR}/____/\$1/____/%{QUERY_STRING} [C,NS]
32 RewriteRule ^(.*)$ \${users:\$1|/loginbad/} [C,NS]
33 RewriteRule ^/pass/(.*)$ /\$1 [NS,PT,L,E=!REMOTE_USER]
34 RewriteRule ^/redirect/(.*)$ /\$1 [NS,L,R=302]
35 RewriteRule ^/loginok/([^/]+)/(.*)$ /\$2 [NS,PT,L,E=REMOTE_USER:\$1]
37 <LocationMatch ^/\${OMD_SITE}/(?!thruk/cgi-bin/restricted.cgi)>
38 Order allow,deny
39 Allow from all
40 Satisfy any
41 </LocationMatch>
42 EOF
43 else
44 rm -f $APACHE_CFG
47 esac