You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by FORAMITTI Laurent <la...@nrb.be> on 2007/04/27 16:36:50 UTC
Apache Http Server Authentication/Authorisation
Hi,
I have a Apache Http Server, this apache is my front end and protects
some resource on my AppServer.
To protect I use .htaccess and mod_auth..
So I would like to know how is it possible to configure Apache to send
some informations about the authenticated user to my AppServer ?
Is it possible to add some values to the http header before that the
mod_jk or mod_wl forward the request to my AppServer ?
Thanks
Re: Apache Http Server Authentication/Authorisation
Posted by Joshua Slive <jo...@slive.ca>.
On 4/27/07, FORAMITTI Laurent <la...@nrb.be> wrote:
> So I would like to know how is it possible to configure Apache to send some
> informations about the authenticated user to my AppServer ?
>
>
>
> Is it possible to add some values to the http header before that the mod_jk
> or mod_wl forward the request to my AppServer ?
In a modern version of apache, something like this might work:
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule .* - [E=RU:%1]
RequestHeader add REMOTE_USER %{RU}e
(It would work in general with a standard reverse proxy. I'm not sure
if it will work with mod_jk.)
Joshua.
Re: Apache Http Server Authentication/Authorisation
Posted by Guenter Knauf <fu...@apache.org>.
Hi,
> I have a Apache Http Server, this apache is my front end and protects
> some resource on my AppServer.
> To protect I use .htaccess and mod_auth..
> So I would like to know how is it possible to configure Apache to send
> some informations about the authenticated user to my AppServer ?
> Is it possible to add some values to the http header before that the
> mod_jk or mod_wl forward the request to my AppServer ?
what is 'some information' ? the only information available by default is the username;
this appears usually in the REMOTE_USER var; if Tomcat is your AppServer then there ships a sample
/examples/jsp/snp/snoop.jsp
and that shows the remote user properly if I'm authenticated - which shows that mod_jk provides this information properly to at least Tomcat (not tried yet Jetty, or others).
take a look at the snoop.jsp sample and try to implement the call used there in your AppServer.
Guenter.