How to use auto login for dashboards in checkmk

fyi…

4 Likes

ok… are you a checkmk user? did you use checkmk dashboards? if yes, how do you use it?

if you have a better solution, tell me :wink:

if not, i don’t understand your comment…

Nice point @checknl . How about a little howto?

2 Likes

I am not quite sure, why the forum software suggested this thread to me, but…

The blog by @dns_es is actually a longer and more detailed version of how we explain this in our official user guide: Users, roles and permissions - Authorization and user configuration

Though I do understand @checknl’s interjection about not putting the password and username in the url. Though I would always say, that it depends very very much on where and how this is used. I would know a lot of situations, where I would be totally fine with this solution.

There is one more thing though, that might lessen the concern here. You can use the so-called Nagios macros in the URL to mask the username and password in the URL. There is a file in your Checkmk site called

~/nagios/resource.cfg

You can simply add lines there and use these macros in your URL then. Of course, you will then have the password in plaintext in that file, but hopefully not a lot of people have access to this on your Checkmk server, right?

Add this to the resource.cfg:

$kioskuserpassword$=mykioskuserpassword

Then use this macro in the URL:


https://mycmkserver/mysite/check_mk/login.py?_origtarget=/mysite/check_mk/dashboard.py?name=mydashboard&_username=mykioskuser&_password=%kioskuserpassword%&_login=1

2 Likes

Thanks for the flowers :wink:

Your hints are very welcome, thank you. I will give it a try and if it works I'll update the blog post.

of course, yes :wink:

kind regards,
Dennis

Hi guys,

I used your manual and this thread to configure this in our office and display a dashboard on a monitor for everybody in the IT department.
Now I upgraded to CMK 2.2.0 and since then the autologin doesn't work anymore.
If you try to open the dashboard via this link:

http://Server_IP/Instancename/check_mk/login.py?_origtarget=/Instancename/check_mk/dashboard.py?name=simple_problems_stw&_username=kioskuser&_password=kioskpassword&_login=1
(I replaced all internals like the name of the instance and the credentials in this)

you get the following message:

(Method not allowed)

The credentials are filled in anyway and you can click on Login.
This leads to the desired dashboard.

Any solution to this?

Thx in Advance

Regards
Gregor

Have you tried with an automation user?
The URL remains the same. Just replace _password with _secret .

3 Likes

Tried your advice: worked perfectly! Thx for the hint.

I didn't try this way because in the past I wasn't able to get it running with a secret.
But now it works like a charm.

Thx for your fast reply

Same problem, but for me it does not work. What can I do?

Can you give insight as to what the response is when you attempt this?

  • Are you using any form of federative authentication (SAML/OIDC) to log in to CMK?

- Glowsome

Under 2.1, this worked fine for me passing the _username and _password in the URL.

I upgraded to 2.2. I’m using LDAP for my auth. Using the same local user, I set a secret. When I use the URL constructed with _secret, I get the login form - no other errors or feedback.

Interestingly, if I pass an incorrect secret, I get the method not allowed error message instead of nothing.

Aaaand 2.2 broke iframes including it in a smashing dashboard with the content security policy modifications. CSP has changed so my additional conf file with CSP edits wasn’t working. Now I’m through that and back to trying to get the autologin working.

Well I can’t make it work. Passing credentials in the URL doesn’t work. And if I nest it in an iframe, I can’t do an interactive login. I’ve tried stripping out all of the CSP rules and that didn’t help.

I’m back to 2.1 and it all works again with my dashboard host added to the CSP.

hi,
same problems. with 2.1 it works, with 2.2 i get the message method not allowed

br

Hello, unfortunately same behaviour with our instance at version 2.2.0p16. We used a workaround where we set the idle timeout for a user to unlimited and interactively login once. But this isn’t really convenient. So if there’s any fix to this issue, please let me know. Thank you!

1 Like

In Checkmk 2.2, you have to now manually enable login using HTTP GET to avoid unintentional leakage of user credentials in Apache’s access logs. See "Manual enablement of login using HTTP GET to avoid unintentional leakage of user credentials in Apache's access logs" and "Users, roles and permissions - User and authorization configuration".
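An added example, not part of any post in this thread and not Checkmk code: because the reason given above for disabling GET login is credential leakage into Apache's access logs, this sketch scans access-log lines for `login.py` requests that carry `_password` or `_secret` and produces redacted copies. The log lines, addresses, site name, credentials and status codes are constructed sample data, and the Apache common/combined log format is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Credential-bearing parameter names, taken from the URLs in this thread.
SENSITIVE = {"_password", "_secret"}

# Assumed Apache common/combined format: client ... "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Value of a sensitive parameter anywhere in the line (request line or Referer field).
REDACT_RE = re.compile(r'([?&](?:%s)=)[^&\s"]*' % "|".join(sorted(SENSITIVE)))

def scan(lines):
    """Return (findings, redacted_lines) for an iterable of access-log lines."""
    findings, redacted = [], []
    for number, line in enumerate(lines, start=1):
        redacted.append(REDACT_RE.sub(r"\1REDACTED", line))
        m = LINE_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/check_mk/login.py"):
            continue
        params = parse_qsl(parts.query, keep_blank_values=True)
        leaked = sorted({k for k, v in params if k in SENSITIVE and v})
        if leaked:
            findings.append({
                "line": number,
                "client": m.group("client"),
                "user": dict(params).get("_username"),
                "params": leaked,
                "status": int(m.group("status")),
            })
    return findings, redacted

# Constructed sample lines (addresses, site name, credentials, status codes are made up).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2024:08:15:02 +0100] "GET /mysite/check_mk/login.py?_origtarget=/mysite/check_mk/dashboard.py?name=mydashboard&_username=kioskuser&_password=kioskpassword&_login=1 HTTP/1.1" 302 512 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [12/Mar/2024:08:16:40 +0100] "GET /mysite/check_mk/login.py?_username=auto&_secret=abc123def456&_login=1 HTTP/1.1" 405 310 "-" "Mozilla/5.0"',
    '192.0.2.12 - - [12/Mar/2024:08:17:05 +0100] "POST /mysite/check_mk/login.py HTTP/1.1" 302 512 "-" "Mozilla/5.0"',
    '192.0.2.12 - - [12/Mar/2024:08:17:06 +0100] "GET /mysite/check_mk/dashboard.py?name=mydashboard HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    found, clean = scan(SAMPLE_LOG)
    print(found)
    print("\n".join(clean))
```

Apache writes the request line whatever the response status is, so a kiosk that keeps sending the old URL after an upgrade still places the credential in the log even when the login is refused.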

Thanks a lot!! Your solution fixed this issue for us.

Hi @sebkir ,

I tried that with checkmk 2.1 and 2.2 now but was not able to auto login when setting the password as a nagios macro in resource.cfg.
Is there anything I need to be aware of?

The auto login in the browser with the same values worked.

Yes, you are right: the only way to get this working is to set this toggle. BUT the login by GET parameters will be removed in v2.5 completely, so it’s a dead horse.

Any other ideas to automatically login? We want to show some dashboard on a kiosk solution.

Me too!

Working for a service provider, we have been recommending CheckMK to customers (in Germany) a lot and one key advantage over other solutions has been the dashboards. Usually, we installed some kind of display in a central place within the admin’s office which shows a CheckMK dashboard.

This display might have been a large monitor or TV powered by a Raspi or even a tablet with some kiosk mode browser (Budget tip: The Amazon Fire HD Tablet does not display advertisements if you don’t register it and a kiosk mode app is available as apk :wink:).

Long story short: It would be very nice if someone had some hints on how to get kiosk mode displays working again…

1 Like

My version is Checkmk Raw Edition 2.3.0p7
and I tried several styles of URL and “Normal user login with password” and “Automation secret for machine accounts” and none is working.

http://<myserver>/<myinstance>/check_mk/login.py?_username=auto&_secret=abc123def456&_origtarget=/<myinstance>/check_mk/dashboard.py&_login=1
http://<myserver>/<myinstance>/check_mk/login.py?_username=auto&_secret=abc123def456

I am sure there is a solution.