Send modauthtkt-users mailing list submissions to
modauthtkt-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/modauthtkt-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of modauthtkt-users digest..."
Today's Topics:
1. mod_auth_tkt and RequestHeader... (Neil A. Hillard)
2. Re: mod_auth_tkt and RequestHeader... (Joost Cassee)
3. Re: mod_auth_tkt and RequestHeader... (Joost Cassee)
4. Re: mod_auth_tkt and RequestHeader... (Joost Cassee)
----------------------------------------------------------------------
Message: 1
Date: Fri, 24 Nov 2006 10:55:05 +0000
From: "Neil A. Hillard" <[EMAIL PROTECTED]>
Subject: [modauthtkt-users] mod_auth_tkt and RequestHeader...
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1
Hi,
I've posted this question to the Apache users mailing list but thought
it might be more appropriate here.
I'm looking at resolving an internal authentication issue we have and
I'm currently having a problem with mod_auth_tkt and the RequestHeader.
mod_auth_tkt has been successfully configured. I'm generating the
appropriate cookie, mod_auth_tkt is seeing it and setting the
REMOTE_USER header appropriately (which can be seen by a local PHP
script). I need to pass this value in a custom header to a backend web
server and that's where the problem lies.
My configuration is:
<Location ~ /[^l][^o][^g][^i][^n]>
TKTAuthCookieName sso
TKTAuthIgnoreIP on
TKTAuthLoginURL http://server.domain.co.uk/login/
require valid-user
#
# Add the authenticated user to the request header
#
RewriteRule .* - [env=RU:%{LA-U:REMOTE_USER}]
RequestHeader set X-PRIVATE-Authenticated-User %{RU}e
</Location>
The value of X-PRIVATE-Authenticated-User as seen by the backend server
is always '(null)'.
I've successfully used the same two lines when using mod_auth_ldap so
suspect that it's something that mod_auth_tkt is (or isn't) doing.
Any assistance or advice would be appreciated.
Many thanks in advance,
Neil.
--
Neil Hillard [EMAIL PROTECTED]
AgustaWestland http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
views of Westland Helicopters Ltd.
------------------------------
Message: 2
Date: Fri, 24 Nov 2006 14:19:51 +0100
From: Joost Cassee <[EMAIL PROTECTED]>
Subject: Re: [modauthtkt-users] mod_auth_tkt and RequestHeader...
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
On 24/11/2006 11:55, Neil A. Hillard wrote:
> My configuration is:
>
> <Location ~ /[^l][^o][^g][^i][^n]>
I don't know about the rest, but this regular expression does not match
what you think it does. It will, for example, not match "/left.html"
because of the 'l'. Also, it will not match '/a', because it *requires*
five characters after the slash.
Negative matching is generally impossible, unless you use perl's
negative look-ahead / -behind. See
http://www.regular-expressions.info/lookaround.html.
Regards,
Joost
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 542 bytes
Desc: OpenPGP digital signature
Url :
http://sourceforge.net/mailarchive/forum.php?forum=modauthtkt-users/attachments/20061124/a812846e/attachment.bin
------------------------------
Message: 3
Date: Fri, 24 Nov 2006 14:21:56 +0100
From: Joost Cassee <[EMAIL PROTECTED]>
Subject: Re: [modauthtkt-users] mod_auth_tkt and RequestHeader...
Cc: modauthtkt-users@lists.sourceforge.net
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
On 24/11/2006 14:19, Joost Cassee wrote:
> Negative matching is generally impossible, unless you use perl's
> negative look-ahead / -behind. See
> http://www.regular-expressions.info/lookaround.html.
Just to note: this requires Apache 2.2 and a compile-time option. See
http://httpd.apache.org/docs/2.2/new_features_2_2.html.
Regards,
Joost
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 542 bytes
Desc: OpenPGP digital signature
Url :
http://sourceforge.net/mailarchive/forum.php?forum=modauthtkt-users/attachments/20061124/479a9697/attachment.bin
------------------------------
Message: 4
Date: Fri, 24 Nov 2006 14:23:43 +0100
From: Joost Cassee <[EMAIL PROTECTED]>
Subject: Re: [modauthtkt-users] mod_auth_tkt and RequestHeader...
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
On 24/11/2006 14:21, Joost Cassee wrote:
> On 24/11/2006 14:19, Joost Cassee wrote:
>
>> Negative matching is generally impossible, unless you use perl's
>> negative look-ahead / -behind. See
>> http://www.regular-expressions.info/lookaround.html.
>
> Just to note: this requires Apache 2.2 and a compile-time option. See
> http://httpd.apache.org/docs/2.2/new_features_2_2.html.
Aarghh.. no is doesn't:
http://httpd.apache.org/docs/2.0/glossary.html#regex
Sorry!
- Joost
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 542 bytes
Desc: OpenPGP digital signature
Url :
http://sourceforge.net/mailarchive/forum.php?forum=modauthtkt-users/attachments/20061124/5d36f8fa/attachment.bin
------------------------------
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
------------------------------
_______________________________________________
modauthtkt-users mailing list
modauthtkt-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/modauthtkt-users
End of modauthtkt-users Digest, Vol 6, Issue 10
***********************************************
