1.8 and I think 1.8.1 do not allow HTTP authentication to be used with the JSON API. In 1.8 this is caused by the $auth_type being statically set to ZBX_AUTH_INTERNAL. With the latest from SVN it sets $auth_type based on the config. However the stock code requires that the user provide the right password even when LDAP or HTTP auth is in use. The patch below should keep it from requiring the right password if HTTP or LDAP auth is in use. Please note that I have not tested this since I don't have a dev box setup.
-Paul
-Paul
Code:
Index: frontends/php/api/classes/class.cuser.php
===================================================================
--- frontends/php/api/classes/class.cuser.php (revision 10131)
+++ frontends/php/api/classes/class.cuser.php (working copy)
@@ -376,7 +376,7 @@
}
}
- if($login){
+ if($login && $auth_type==ZBX_AUTH_INTERNAL){
$sql = 'SELECT u.userid,u.alias,u.name,u.surname,u.url,u.refresh,u.passwd '.
' FROM users u, users_groups ug, usrgrp g '.
' WHERE u.alias='.zbx_dbstr($name).