You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by dphillips <dp...@csenergy.com.au> on 2005/09/21 02:42:29 UTC
[users@httpd] mod_rewrite/mod_auth_* : Trying to use REMOTE_USER env
Hi
I am trying to use Apache to act as a proxy/reverse-proxy which will
authenticate the users, update the header with the authetication
information and then forward the request an Application Web Server.
I'm using the mod_auth_sspi to authenticate and I have used the
<Location /> to validate the users.
I found a great reply in this forum for how to propagate the
REMOTE_USER etc to the Application Web Server and this works well.
However, we I try and use the REMOTE_USER it is NULL.
I think that my http.conf is not quite right and the rewrite rules are
forwarding the request before the authetication modules have run.
Here is the VirtualHost section from the http.conf
RewriteEngine On
RewriteLog "c:/WebServ/logs/httpd/rewrite.log"
RewriteLogLevel 9
RewriteCond %{REMOTE_USER} (.*)
RewriteRule .* - [E=R_U:%1]
RequestHeader add REMOTE-USER %{R_U}e
RewriteCond %{QUERY_STRING} (.+)
RewriteRule (^/irj/.*)
http://h1703910:8011/$1?%1 [P]
RewriteRule (^/irj) http://h1703910:8011/$1
[P]
<Location />
AllowOverride None
Options None
Order allow,deny
Allow from all
AuthName "Login using your NT username and
password"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative Off
SSPIOfferBasic Off
require valid-user
</Location>
What is the correct way to do this or am I on the wrong track?
Thanks in advance.
Doug Phillips
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite/mod_auth_* : Trying to use REMOTE_USER env
Posted by Joshua Slive <js...@gmail.com>.
On 9/20/05, dphillips <dp...@csenergy.com.au> wrote:
> Hi
>
> I am trying to use Apache to act as a proxy/reverse-proxy which will
> authenticate the users, update the header with the authetication
> information and then forward the request an Application Web Server.
>
>
> I'm using the mod_auth_sspi to authenticate and I have used the
> <Location /> to validate the users.
>
> I found a great reply in this forum for how to propagate the
> REMOTE_USER etc to the Application Web Server and this works well.
> However, we I try and use the REMOTE_USER it is NULL.
>
> I think that my http.conf is not quite right and the rewrite rules are
> forwarding the request before the authetication modules have run.
>
> Here is the VirtualHost section from the http.conf
> RewriteEngine On
> RewriteLog "c:/WebServ/logs/httpd/rewrite.log"
> RewriteLogLevel 9
> RewriteCond %{REMOTE_USER} (.*)
Check the mod_rewrite docs, you'll see that you need to use
%{LA-U:REMOTE_USER} because this variable is not yet set at the time
that mod_rewrite is run on the request.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org