How do I set REMOTE_USER in a HTTP header?
Solution 1
do NOT use the following, because you will get into trouble with execution phases if the REMOTE_USER is set with a module like mod_authn_ntlm (ntlm with local computer, see https://support.microsoft.com/en-us/kb/896861).
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User %{RU}e
instead use the following methods:
RequestHeader set X-Remote-User expr=%{REMOTE_USER}
there is also a solution with mod_ssl
RequestHeader set X-Remote-User %{REMOTE_USER}s
Solution 2
In Apache 2.2 server we gave below configuration. We have C# ASP.NET Core 2.1 application and in our HTTP Request header we get user name like below
<LocationMatch ^/mylocation>
AuthName "NTLM Authentication"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
NTLMBasicRealm xxx_yy
AuthType NTLM
require valid-user
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User %{RU}e
</LocationMatch>
In our C# ASP.NET Core 2.1 application application we get below in HTTP Request Header
Key: X-Remote-User, Value=xxx_yy\abcdefg
Admin
Updated on June 05, 2020Comments
-
Admin almost 4 years
I've got an issue with my Apache settings.
I installed a web application that partly accepts external authentication:
- I use Apache to manage the access to my application web pages.
- If the authentication is successful, the environment variable REMOTE_USER is set with the user's name.
- Then the user name is passed to my application through the HTTP header so the application opens on the user session.
- This is mostly an Apache configuration for the application. I only set the name of the variable (HTTP header) that contains the username in my application config file.
Here is the issue : I can authenticate successfully (most of the time) but my HTTP header is set to null.
Some additional details :
- I use Apache and the mod_perl modules (AuthenNIS + AuthzNIS + Net-NIS) to authenticate to my app with NIS account.
With the following Apache config file I have the authentication form when I try to access my application but the REMOTE_USER header is set to null.
Listen 2208 <VirtualHost *:2208> RewriteEngine on DocumentRoot "/path/to/static" <Directory "/path/to/static"> Options +Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny Allow from all AuthType Basic AuthName "Authentifiez vous" PerlAuthenHandler Apache2::AuthenNIS PerlAuthzHandler Apache2::AuthzNIS PerlSetVar AllowAlternateAuth no require valid-user </Directory> RewriteEngine on RewriteRule . - [E=RU:%{LA-U:REMOTE_USER}] RequestHeader set REMOTE_USER %{RU}e RewriteRule ^/apps$ /apps/ [R] RewriteRule ^/static/style/(.*) /path/to/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /path/to/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /path/to/static/$1 [L] RewriteRule ^/favicon.ico /path/to/static/favicon.ico [L] RewriteRule ^/robots.txt /path/to/static/robots.txt [L] RewriteRule ^(.*) http://localhost:2209$1 [P] </VirtualHost>
If I set RequestHeader set REMOTE_USER "username" the application opens on the corresponding user session.
To see the value of REMOTE_USER I use the Firebug Firefox module to display the values of the http header + my application has a script that displays the value of variables passed to it.
I tested an almost identical Apache configuration on an index.php page that displays the values of server variables in a http request. The difference lies in the RewriteRules.
<?PHP foreach($_SERVER as $key_name => $key_value) { print $key_name . " = " . $key_value . "<br>"; } ?>In this case, I get a REMOTE_USER et HTTP_REMOTE_USER with a username value.
I don't understand where my problem lies.
Apache 2.2.31 RedHat 6.5
Thanks in advance !