Restrict access to Sarg Reports page

vmz

Hi, i need to restrict access for a specific user, only in a "Status \ Sarg Reports" page.

Problem is that i have not found this section in User Manager section (Effective Privileges).

Someone knows some solution for add this restriction?

Thanks

marcelloc

If you need access to reports only, access it directly http://pfsense_IP/sarg-reports/

vmz

@marcelloc:

If you need access to reports only, access it directly http://pfsense_IP/sarg-reports/

Thanks marcelloc. But in this case (it works), everybody can access on sarg reports page.
Maybe i need to protect /usr/local/www/sarg-reports with something like htpasswd.

Any idea for do this in pfsense?

marcelloc

@vmz:

Any idea for do this in pfsense?

I'm trying to create reports out of www dir and read it using php inside gui, but I didn't finished it yet.

marcelloc

Finished! :)

I've just published version 0.5 of sarg package with no direct access to sarg reports and included "WebCfg - Status: Sarg reports" user permission.

Now you can create a restricted user with sarg reports view option only.

att,
Marcello Coutinho

vmz

great marcelloc!  ;D

And thanks for the fast solution.

Bruco

I'm sorry to resurrect this old thread, but it's exactly what I'm trying to do as well and I ran into issues.

If I create a user and assign only the WebCfg - Status: Sarg reports permission, then login with that user, it brings me to the Sarg reports page, but then gets stuck in an endless refresh loop.  I've tried with multiple browsers and have the same issue.

Is there some other permission, perhaps on the file level, that I should try making?

Thanks!

Edit: I should add that I'm accessing through http, and on a non-standard port, if that makes a difference.

marcelloc

Are you using the latest sarg package version?

Bruco

Looks like the package version is listed as 2.3.2 pkg v.0.6.1

marcelloc

I've found the problem, reinstall the package in 15 minutes(no version bump).

Thank´s for your feedback. :)

Bruco

No, thank YOU for your hard work!

I'll try re-installing later this evening and report back here with results.

Bruco

Works perfectly!  Thanks again; this is great functionality to have in pfSense!

nutsonnet

Hi,

Sorry for asking same info which may be clearly specified in this thread but it is little difficult for me to understand as new user to Ubuntu and Squid/sarg.

I am running Ubuntu server 12.04 with Squid 3.1 and using Sarg 2.3.2 to track usage of internet. I am not doing any billing or any fancy stuff with Sarg. Everythign works fine for the purpose.

I am able to access sarg reports when i do ipaddress/sarg as well. I want to remove open access to those reports and create users who can authencate and veiw reports. It will be great if somebody can give me detail process how can I assign approriate rights and create users who can just view generated reports only.

Thank you in advance.
Regards,

marcelloc

This package is for pfsense , not for ubuntu. ;)

on ubuntu, you need just an .htaccess on your apache dir/config

nutsonnet

Thank you for reply can you please provide more detail.

Regards,
Chirag

marcelloc

@nutsonnet:

Thank you for reply can you please provide more detail.

two usefull links  ;)

http://bit.ly/VEOcgx

http://sourceforge.net/p/sarg/discussion/363374/thread/ce485ee9

TAG: user_authentication yes|no

#    Allow user authentication in User Reports using .htaccess
#    Parameters: 
#    AuthUserFile    - where the user password file is
#    AuthName    - authentication realm. Eg "Members Only"
#    AuthType    - authenticaion type - basic
#    Require        - authorized users to see the report.
#                                          %u - user report

user_authentication no

AuthUserFile /usr/local/sarg/passwd

AuthName "SARG, Restricted Access"

AuthType Basic

Require user admin %u