Set header for authorization

On Zabbix version 6.4 and newer there has been a change in the way authentication. Using a bearer token would lead to issues with autheticating using the API as the header did not seem the get passed to the application. This seems to have been known since the release of 6.4 and a bug report is still open. But the bug report also already contained a workaround/fix (https://support.zabbix.com/browse/ZBX-22952).
voxpupuli · Oct 16, 2024 · fe419a8 · fe419a8
1 parent feb6014
commit fe419a8
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/manifests/web.pp b/manifests/web.pp
@@ -343,6 +343,14 @@
       default => $zabbix_api_access.map |$host| { "host ${host}" },
     }
 
+    if versioncmp($zabbix_version, '6.4') >= 0 {
+      $setenvif_auth = [
+        'Authorization "(.*)" HTTP_AUTHORIZATION=$1'
+      ]
+    } else {
+      $setenvif_auth = undef
+    }
+
     apache::vhost { $zabbix_url:
       docroot         => '/usr/share/zabbix',
       ip              => $apache_listen_ip,
@@ -387,6 +395,7 @@
         {
         rewrite_rule => ['^$ /index.php [L]'] }
       ],
+      setenvif        => $setenvif_auth,
       ssl             => $apache_use_ssl,
       ssl_cert        => $apache_ssl_cert,
       ssl_key         => $apache_ssl_key,