For the login to the Web interface, Nagios takes the user who has authenticated himself to the Web server, usually Apache. In principle it makes no difference how this authentication comes about, but the name of the contact must match the user name passed on to the CGI programs from the Web server. Nagios is quite tolerant in terms of its name conventions here. Even user names such as
EXAMPLE/wob are possible. This is enabled by single sign-on (SSO), which means that users only need to log on a single time. Ideally, all applications should accept the authentication that has already been performed, and the user will not be asked for a password every time.
Security experts ...