Restrict access to Sarg Reports page



  • Hi, i need to restrict access for a specific user, only in a "Status \ Sarg Reports" page.

    Problem is that i have not found this section in User Manager section (Effective Privileges).

    Someone knows some solution for add this restriction?

    Thanks



  • If you need access to reports only, access it directly http://pfsense_IP/sarg-reports/



  • @marcelloc:

    If you need access to reports only, access it directly http://pfsense_IP/sarg-reports/

    Thanks marcelloc. But in this case (it works), everybody can access on sarg reports page.
    Maybe i need to protect /usr/local/www/sarg-reports with something like htpasswd.

    Any idea for do this in pfsense?



  • @vmz:

    Any idea for do this in pfsense?

    I'm trying to create reports out of www dir and read it using php inside gui, but I didn't finished it yet.



  • Finished! :)

    I've just published version 0.5 of sarg package with no direct access to sarg reports and included "WebCfg - Status: Sarg reports" user permission.

    Now you can create a restricted user with sarg reports view option only.

    att,
    Marcello Coutinho



  • great marcelloc!  ;D

    And thanks for the fast solution.



  • I'm sorry to resurrect this old thread, but it's exactly what I'm trying to do as well and I ran into issues.

    If I create a user and assign only the WebCfg - Status: Sarg reports permission, then login with that user, it brings me to the Sarg reports page, but then gets stuck in an endless refresh loop.  I've tried with multiple browsers and have the same issue.

    Is there some other permission, perhaps on the file level, that I should try making?

    Thanks!

    Edit: I should add that I'm accessing through http, and on a non-standard port, if that makes a difference.



  • Are you using the latest sarg package version?



  • Looks like the package version is listed as 2.3.2 pkg v.0.6.1



  • I've found the problem, reinstall the package in 15 minutes(no version bump).

    Thank´s for your feedback. :)



  • No, thank YOU for your hard work!

    I'll try re-installing later this evening and report back here with results.



  • Works perfectly!  Thanks again; this is great functionality to have in pfSense!



  • Hi,

    Sorry for asking same info which may be clearly specified in this thread but it is little difficult for me to understand as new user to Ubuntu and Squid/sarg.

    I am running Ubuntu server 12.04 with Squid 3.1 and using Sarg 2.3.2 to track usage of internet. I am not doing any billing or any fancy stuff with Sarg. Everythign works fine for the purpose.

    I am able to access sarg reports when i do ipaddress/sarg as well. I want to remove open access to those reports and create users who can authencate and veiw reports. It will be great if somebody can give me detail process how can I assign approriate rights and create users who can just view generated reports only.

    Thank you in advance.
    Regards,



  • This package is for pfsense , not for ubuntu. ;)

    on ubuntu, you need just an .htaccess on your apache dir/config



  • Thank you for reply can you please provide more detail.

    Regards,
    Chirag



  • @nutsonnet:

    Thank you for reply can you please provide more detail.

    two usefull links  ;)

    http://bit.ly/VEOcgx

    http://sourceforge.net/p/sarg/discussion/363374/thread/ce485ee9

    TAG: user_authentication yes|no

    #    Allow user authentication in User Reports using .htaccess
    #    Parameters: 
    #    AuthUserFile    - where the user password file is
    #    AuthName    - authentication realm. Eg "Members Only"
    #    AuthType    - authenticaion type - basic
    #    Require        - authorized users to see the report.
    #                                          %u - user report

    user_authentication no

    AuthUserFile /usr/local/sarg/passwd

    AuthName "SARG, Restricted Access"

    AuthType Basic

    Require user admin %u


Locked