You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Martin Kraemer <Ma...@mch.sni.de> on 1997/01/09 15:34:12 UTC

Can a CGI-script find out the AuthUser?

I have a question similar to Michael Smith's:
Can a FastCGI program (or any CGI script, for that matter) find out the
authenticated user, or is his name hidden within Apache?

The value seems to be unavailable in the passed environment, and the Header
lines have been strippd anyway.

Could this value (or AuthGroup value) be passed in the environment,
like in the BrowserMatch implementation?

    Martin
-- 
| S I E M E N S |  <Ma...@mch.sni.de>  |      Siemens Nixdorf
| ------------- |   Voice: +49-89-636-46021     |  Informationssysteme AG
| N I X D O R F |   FAX:   +49-89-636-44994     |   81730 Munich, Germany
~~~~~~~~~~~~~~~~My opinions only, of course; pgp key available on request

Re: Can a CGI-script find out the AuthUser?

Posted by Michael Smith <mj...@cursci.co.uk>.

Martin Kraemer wrote:
> 
> I have a question similar to Michael Smith's:
> Can a FastCGI program (or any CGI script, for that matter) find out the
> authenticated user, or is his name hidden within Apache?
> 
> The value seems to be unavailable in the passed environment, and the Header
> lines have been strippd anyway.
> 
> Could this value (or AuthGroup value) be passed in the environment,
> like in the BrowserMatch implementation?
> 

This is available as the environment variable REMOTE_USER; but make sure
that you have the correct limit directives in the .htaccess file.

Mike