In addition to this manual: https://docs.checkmk.com/latest/en/wato_user.html#_automatic_login_via_the_url we will show you when to use which URL for an automatic login via URL
If your site Apache is secured by cookie based authentication
OMD[multisite]:~$ omd config show MULTISITE_COOKIE_AUTH on
the URL for auto login needs to be set like this:
http://localhost/test/check_mk/login.py?_origtarget=/test/check_mk/view.py?view_name=allhosts&_username=cmkadmin&_password=cmk&_login=1
If your site Apache is secured by basic auth, the URL for auto login needs to be set like this:
http://cmkadmin:cmk@localhost/test/check_mk/view.py?view_name=allhosts
The same procedure for Nagios views presenting in an Iframe!
Content Security Policy
Our content security policy by default prevents you from embedding Checkmk into other websites, because being run in arbitrary iframes can be a security problem.
A website can constrain in both sides. Which sites are allowed to be included and which sites are allowed to include us.
To solve this you can add a configuration file, e.g., `etc/apache/conf.d/zzz_iframe.conf` (It must be loaded after etc/apache/conf.d/security.conf) with the following content:
<IfModule mod_headers.c> Header always edit Content-Security-Policy "frame-ancestors 'self' ;" "frame-ancestors 'self' YOUR-SERVER:YOUR-PORT ;" Header always unset X-Frame-Options </IfModule>
What it does is to change the frame-ancestors directive and add a YOUR-SERVER:YOUR-PORT host. (This needs to be changed to the target system). It leaves the remaining CSP header as is.
Be advised: We do not recommend doing this due to the security concerns.
Related articles
Filter by label
There are no items with the selected labels at this time.