[smokeping-users] Smokeping not reacting well with Apache mod_session?

[Alex]

Hi!

I have a site where I run several utilities such as Smokeping, Nagios,
Cacti, Vault, etc, on Apache 2.4, and these sites are "protected" by
Apache's mod_session module.  If a user tries to access any of the
mentioned utilities on our server, they get a login prompt, which saves a
session cookie (i.e. mod_session) site-wide granting access to any of these
restricted tools.

Once a user is authenticated, he's authenticated for everything. In the
case of Smokeping, when a user accesses ourserver.tld/smokeping, they are
prompted for their login credentials, and then the smokeping page is
displayed properly. From there, if they decide to go anywhere else (such as
ourserver.tld/nagios for example) they won't be prompted for credentials
until their cookie expires. However, if a user stays on smokeking and
clicks any of the links within smokeping, such as to view the stats of
various hosts, each time they click a link, they get prompted to
re-authenticate again and again each time they browse within the smokeping
Targets menu.

I am wondering if within the Smokeping code, it might be sending a header
directive to not read cookies, or perhaps itself using cookies which might
be interfering with mod_session?

--
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oetiker.ch/pipermail/smokeping-users/attachments/20170408/75e98100/attachment.html>