How do I set REMOTE_USER in a HTTP header?

I've got an issue with my Apache settings.

I installed a web application that partly accepts external authentication:

  • I use Apache to manage the access to my application web pages.
  • If the authentication is successful, the environment variable REMOTE_USER is set with the user's name.
  • Then the user name is passed to my application through the HTTP header so the application opens on the user session.
  • This is mostly an Apache configuration for the application. I only set the name of the variable (HTTP header) that contains the username in my application config file.

Here is the issue : I can authenticate successfully (most of the time) but my HTTP header is set to null.

Some additional details :

  • I use Apache and the mod_perl modules (AuthenNIS + AuthzNIS + Net-NIS) to authenticate to my app with NIS account.
  • With the following Apache config file I have the authentication form when I try to access my application but the REMOTE_USER header is set to null.

     Listen 2208 <VirtualHost *:2208> RewriteEngine on DocumentRoot "/path/to/static" <Directory "/path/to/static"> Options +Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny Allow from all AuthType Basic AuthName "Authentifiez vous" PerlAuthenHandler Apache2::AuthenNIS PerlAuthzHandler Apache2::AuthzNIS PerlSetVar AllowAlternateAuth no require valid-user </Directory> RewriteEngine on RewriteRule . - [E=RU:%{LA-U:REMOTE_USER}] RequestHeader set REMOTE_USER %{RU}e RewriteRule ^/apps$ /apps/ [R] RewriteRule ^/static/style/(.*) /path/to/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /path/to/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /path/to/static/$1 [L] RewriteRule ^/favicon.ico /path/to/static/favicon.ico [L] RewriteRule ^/robots.txt /path/to/static/robots.txt [L] RewriteRule ^(.*) [P] </VirtualHost>

If I set RequestHeader set REMOTE_USER "username" the application opens on the corresponding user session.

To see the value of REMOTE_USER I use the Firebug Firefox module to display the values of the http header + my application has a script that displays the value of variables passed to it.

I tested an almost identical Apache configuration on an index.php page that displays the values of server variables in a http request. The difference lies in the RewriteRules.

 <?PHP foreach($_SERVER as $key_name => $key_value) { print $key_name . " = " . $key_value . "<br>"; } ?>

In this case, I get a REMOTE_USER et HTTP_REMOTE_USER with a username value.

I don't understand where my problem lies.

Apache 2.2.31 RedHat 6.5

Thanks in advance !

2 Answers

do NOT use the following, because you will get into trouble with execution phases if the REMOTE_USER is set with a module like mod_authn_ntlm (ntlm with local computer, see ).

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User %{RU}e

instead use the following methods:

RequestHeader set X-Remote-User expr=%{REMOTE_USER}

there is also a solution with mod_ssl

RequestHeader set X-Remote-User %{REMOTE_USER}s
6

In Apache 2.2 server we gave below configuration. We have C# ASP.NET Core 2.1 application and in our HTTP Request header we get user name like below

 <LocationMatch ^/mylocation> AuthName "NTLM Authentication" NTLMAuth on NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp" NTLMBasicAuthoritative on NTLMBasicRealm xxx_yy AuthType NTLM require valid-user RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] RequestHeader set X-Remote-User %{RU}e </LocationMatch>

In our C# ASP.NET Core 2.1 application application we get below in HTTP Request Header

Key: X-Remote-User, Value=xxx_yy\abcdefg

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like