is HTTP Basic AUTH broken?

Discussions related to the 1.36.x series of ZoneMinder
Post Reply
pizzaandcheese
Posts: 2
Joined: Tue Nov 29, 2022 10:24 pm

is HTTP Basic AUTH broken?

Post by pizzaandcheese »

I am trying to configure NPM + Authelia and its not working as expected.

At first I just had NPM and used the builtin ZM auth and that was working wonderfully. I wanted to set up ZM to accept logins from Authelia for the 2FA & easy LDAP integration for easier account management.

When I set everything up and I visit the ZM webui I get forwarded to Authelia to login as expected, once logged in there it forwards me to the ZM login page instead of taking me to my user console inside ZM. I tried using HttpBin to see if the headers were being attached by Authelia and it seems as they're there and ZM doesn't seem to have any logs of ever seeing my HTTP Auth.

Here is my ZM config while trying to get this to work.
zm.PNG
zm.PNG (29.28 KiB) Viewed 376 times
And this is HttpBin behind Authelia showing the needed headers.
httpbin.PNG
httpbin.PNG (31.83 KiB) Viewed 376 times

I tried following recommendations found here with no luck unfortunately. The only thing I am able to make work like this is when ZM auth is turned off. But this removes the ability to apply per user settings which is needed in my case.

Has anyone else attempted this or something like it and been successful?
jogo
Posts: 46
Joined: Thu Aug 03, 2017 3:00 pm

Re: is HTTP Basic AUTH broken?

Post by jogo »

There was a minor issue recently. Which version are you using?

Not auth problem with v1.36.31 or newer.
pizzaandcheese
Posts: 2
Joined: Tue Nov 29, 2022 10:24 pm

Re: is HTTP Basic AUTH broken?

Post by pizzaandcheese »

I am using v1.36.32
I am running it in AlmaLinux 9.1 and am using the nginx version of ZM available in the rpm fusion repo.

I tried disabling authelia and just tried the basic HTTP auth that NPM allows for and came up with the same issue there as well.
Post Reply