mod_auth_openid icon indicating copy to clipboard operation
mod_auth_openid copied to clipboard

Published 20 hours ago verified publisher icon bmuller

REMOTE_USER not available to proxied applications

Open bos opened this issue 13 years ago • 2 comments

I'm using mod_proxy and mod_auth_openid together, with a rewrite rule that should populate the X-Forwarded-User header from the contents of REMOTE_USER:

<Proxy *>
    AuthType OpenID
    require valid-user

    RewriteCond %{LA-U:REMOTE_USER} (.+)
    RewriteRule . - [E=RU:%1]
    RequestHeader add X-Forwarded-User %{RU}e
</Proxy>

The trouble is that the header set in the proxied requests always looks like this:

X-Forwarded-User: (null)

I can see that the OpenID session cookie is present in the request, though.

According to the mod-proxy-add-user github project, mod_auth_openid may not be setting REMOTE_USER at the right time, which is why it's not available.

bos avatar Mar 29 '11 22:03 bos

I'll try to take a look at this over the weekend.

bmuller avatar Apr 15 '11 20:04 bmuller

I found a workaround to this by adding the following line after r->user is set...

  r->user = apr_pstrdup(r->pool, idchar);
+ apr_table_set(r->headers_in, "X-Forwarded-User", r->user);

ghost avatar Jun 28 '11 04:06 ghost