Articles in this section

See more
Self help
How To
["How To"]
["Geneos > Gateway"]

Geneos - How to use a Windows account with the REST API when the gateway is not using SSO authentication

Avatar
ITRS Support
  • Updated
Follow

The User Authentication section in the Gateway Commands Reference Guide states:

"If the gateway is configured with authentication enabled, then all REST command requests must come with user credentials that the gateway can verify.

The REST service supports two types of user credentials. SSO tokens can be used to authenticate SSO users. User name and password can be used to authenticate users who have passwords configured in the gateway setup.

System logins are not supported, since system credentials are checked by the user interface client (e.g. Active Console), which is not involved in the REST API. However, it is possible to use System login for Active Console users while using password-based authentication for the REST API."

In the Gateway Setup Edit:

- go to the Windows account and add a user defined password

- and make sure the user has the permission to execute the command (map the user to a role with the permission)

Below is an example of a Windows Test User mapped to a role with permission to run all commands except manually snooze:

<userGroup name="noSnooze-Manual">
<roleProperties>
<roleProperty>noSnooze-Manual</roleProperty>
</roleProperties>
<user name="LDN\Test User">
<fullName>Test User for REST - psw is Test User</fullName>
<password>
<encodedPassword>password-id-1</encodedPassword>
</password>
<allowLogin>true</allowLogin>
<allowSystemAuth>true</allowSystemAuth>
<information>
<info>
<type>Email</type>
<value>Test_User@itrsgroup.com</value>
</info>
</information>
</user>
</userGroup>

 

 curl -u "LDN\Test User":"Test User" -X POST -s --data '{"command":"/SNOOZE:time", "target":"//managedEntity[(@name=\"nysupsvr1051187_ssl\")]", "args": { "1": "Snooze for 1 hour testing", "4": 1, "5": 3600} }' http://gatewayHost:gatewayPort/rest/runCommand 

{"status":"finished"}

Gateway log shows the expected output:

<Mon Jul 29 14:50:52> INFO: CommandManager Executing command [/SNOOZE:time] with id [80] for request id [329612]
<Mon Jul 29 14:50:52> INFO: CommandManager Executing command '/SNOOZE:time' on DataItem '/geneos/gateway[(@name="Test_Gateway")]/directory/probe[(@name="nysupsvr1051187_ssl")]/managedEntity[(@name="nysupsvr1051187_ssl")]', issued by user 'LDN\Test User' on '192.168.22.111' using REST service

===================================

Related articles

Comments

0 comments

Please sign in to leave a comment.