Hello,
after some digging into the Web interface code, I've managed the way to have zabbix authenticate an user using TWO different authentication method (LDAP + HTTP but also INTERNAL + HTTP).
This hack was required to both gain SSO experience when using machines in LAN and allow Android applications when outside.
Basically, I've configured 2 apache aliases, one for inside LAN and the other for outside: in the inside one I've configured NTLM Authentication, while in the outside no authentication is configured.
Then I enabled LDAP authentication to my Microsoft Active Directory domain.
Finally, I edited 3 php files to "switch" the authentication method to HTTP when the web server passes the REMOTE_USER env variable.
If someone is interested in my hack, will post the code details here.
Bye
P.S.
Of course, you need to edit the files every time you upgrade the web interface.
after some digging into the Web interface code, I've managed the way to have zabbix authenticate an user using TWO different authentication method (LDAP + HTTP but also INTERNAL + HTTP).
This hack was required to both gain SSO experience when using machines in LAN and allow Android applications when outside.
Basically, I've configured 2 apache aliases, one for inside LAN and the other for outside: in the inside one I've configured NTLM Authentication, while in the outside no authentication is configured.
Then I enabled LDAP authentication to my Microsoft Active Directory domain.
Finally, I edited 3 php files to "switch" the authentication method to HTTP when the web server passes the REMOTE_USER env variable.
If someone is interested in my hack, will post the code details here.
Bye
P.S.
Of course, you need to edit the files every time you upgrade the web interface.