graphite-dev team mailing list archive

Thread
Date

[Question #201961]: Auth for the web app does not work - How to set

To: graphite-dev@xxxxxxxxxxxxxxxxxxx
From: david <question201961@xxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 01 Jul 2012 16:11:10 -0000
Reply-to: question201961@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

New question #201961 on Graphite:
https://answers.launchpad.net/graphite/+question/201961

Hi,

I have grahpite 9.10 installed.  when I go to the website www.mydomain.com I am taken to the dashboard.  If I click in the login, yes I can auth but it kinda defeats the purpose since since the app is available to the public.

I am by no means an apache expert.  How do I modify the below to allow for complete protection so graphite allows for auth?  Or at least redirected to the login page.  As of now, I am un protected.

Thanks


WSGISocketPrefix /etc/httpd/wsgi/

<VirtualHost *:80>
        ServerName graphite
        DocumentRoot "/opt/graphite/webapp"
        ErrorLog /opt/graphite/storage/log/webapp/error.log
        CustomLog /opt/graphite/storage/log/webapp/access.log common

        # I've found that an equal number of processes & threads tends
        # to show the best performance for Graphite (ymmv).
        WSGIDaemonProcess graphite processes=5 threads=5 display-name='%{GROUP}' inactivity-timeout=120
        WSGIProcessGroup graphite
        WSGIApplicationGroup %{GLOBAL}
        WSGIImportScript /opt/graphite/conf/graphite.wsgi process-group=graphite application-group=%{GLOBAL}

        # XXX You will need to create this file! There is a graphite.wsgi.example
        # file in this directory that you can safely use, just copy it to graphite.wgsi
        WSGIScriptAlias / /opt/graphite/conf/graphite.wsgi 

        Alias /content/ /opt/graphite/webapp/content/
        <Location "/content/">
                SetHandler None
        </Location>

        # XXX In order for the django admin site media to work you
        # must change @DJANGO_ROOT@ to be the path to your django
        # installation, which is probably something like:
        # /usr/lib/python2.6/site-packages/django
        Alias /media/ "@DJANGO_ROOT@/contrib/admin/media/"
        <Location "/media/">
                SetHandler None
        </Location>

        # The graphite.wsgi file has to be accessible by apache. It won't
        # be visible to clients because of the DocumentRoot though.
        <Directory /opt/graphite/conf/>
                Order deny,allow
                Allow from all
        </Directory>
        
        #<Location "/">
        #	Allow from 120.28.170.241 
		#    AuthType Basic
		#    AuthName "Under Construction"
		#    AuthUserFile /opt/graphite/sec/.mypasswds
		#    require user admin
		#    #AuthGroupFile /opt/graphite/sec/.mygroups
		#    #Require group managers
		#</Location>  
        

</VirtualHost>

-- 
You received this question notification because you are a member of
graphite-dev, which is an answer contact for Graphite.