Dagobert Michelsen <d...@opencsw.org> writes: > Hi Peter, > > Am 12.08.2013 um 14:43 schrieb Peter FELECAN <pfele...@opencsw.org>: >> "Maciej (Matchek) Bliziński" <mac...@opencsw.org> writes: >>> 2013/8/12 Peter FELECAN <pfele...@opencsw.org> >>>> >>>>> The place to retrieve the user is here: >>>>> http://sourceforge.net/apps/trac/gar/browser/csw/mgar/gar/v2/lib/web/releases_web.py#L207 >>>> >>>> Alright. This is the receiving end. Where is the emitting end? >>> >>> There's a few stages: the HTTP client uses HTTP basic auth. That is >>> handled by Apache; but squid is doing something to the headers. I'm >>> not sure if we only have a forward proxy or a reverse proxy? >>> >>> What I think we have, is this: >>> HTTP client → squid → Apache → script >> >> Maybe Dago could provide a description of the architecture. >> >> Returning to the REMOTE_USER not being defined, after a cursory look at >> other people having issues with that it seems that even if the >> environment variable is not provided, there is a possibility to obtain >> the remote user from the "authorization" header, see >> http://stackoverflow.com/questions/8495229/remote-user-not-being-set-by-apache2 >> but maybe this is also modified by the proxy. >> >> We need more information about the proxy's configuration. > > You should be able to > ssh web > with your pfelecan account which can also open /etc/opt/csw/squid/squid.conf
Thank you. Can you confirm or correct the architecture hypothesis: HTTP client → squid → Apache → script More I read about this and more it seems that we must implement a rewrite on the proxy to pass the REMOTE_USER. -- Peter _______________________________________________ maintainers mailing list maintainers@lists.opencsw.org https://lists.opencsw.org/mailman/listinfo/maintainers .:: This mailing list's archive is public. ::.