GitHub user dosubot[bot] added a comment to the discussion: AUTH_REMOTE_USER is not working after upgrade Apace superset 6.0.0rc4/3
<!-- Answer --> AUTH_REMOTE_USER is still supported in Superset 6.0.0rc3/rc4, but there are multiple reports that it stopped working after the upgrade, even though it worked in 5.0.0. This appears to be a regression or breaking change—no official fix or migration note exists yet, and some users have reverted to 5.0.0 as a workaround [[source]](https://github.com/apache/superset/issues/36117). The most common causes for failures are: the REMOTE_USER environment variable not being set (either by the proxy or by missing middleware), the proxy not forwarding the correct header, or issues with subpath/app root configuration (SUPERSET_APP_ROOT) and middleware ordering. Superset expects either the proxy to inject the username into REMOTE_USER, or for you to use ADDITIONAL_MIDDLEWARE in `superset_config.py` to copy a custom header into REMOTE_USER [[source]](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/docs/docs/configuration/networking-settings.mdx#L134-L141). Here’s a quick checklist: - Confirm AUTH_TYPE = AUTH_REMOTE_USER and AUTH_REMOTE_USER_ENV_VAR are set in your `superset_config.py`. - If your proxy sets a custom header (like HTTP_X_PROXY_REMOTE_USER), add a middleware to copy it to REMOTE_USER and register it in ADDITIONAL_MIDDLEWARE. - Make sure your proxy is forwarding the correct header and not stripping it. - If you’re deploying under a subpath, check your SUPERSET_APP_ROOT and proxy settings—bugs in this area can break authentication and some endpoints may need proxy rewrites as a workaround [[source]](https://github.com/apache/superset/issues/35027#issuecomment-3434981622). Sample middleware for copying a proxy header: ```python class RemoteUserMiddleware(object): def __init__(self, app): self.app = app def __call__(self, environ, start_response): user = environ.pop('HTTP_X_PROXY_REMOTE_USER', None) if user: environ['REMOTE_USER'] = user return self.app(environ, start_response) ADDITIONAL_MIDDLEWARE = [RemoteUserMiddleware] ``` If you’re still stuck, check the open issues and consider sharing your config and logs in the relevant threads. For now, reverting to 5.0.0 is the only confirmed workaround [[source]](https://github.com/apache/superset/issues/36117). <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/012737e6-e020-4f1c-84fa-1ea512cbe87f?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github) [](https://cursor.com/link/prompt?text=AUTH_REMOTE_USER%20is%20still%20supported%20in%20Superset%206.0.0rc3/rc4%2C%20but%20there%20are%20multiple%20reports%20that%20it%20stopped%20working%20after%20the%20upgrade%2C%20even%20though%20it%20worked%20in%205.0.0.%20This%20appears%20to%20be%20a%20regression%20or%20breaking%20change%E2%80%94no%20official%20fix%20or%20migration%20note%20exists%20yet%2C%20and%20some%20users%20have%20reverted%20to%205.0.0%20as%20a%20workaround%20%5B%5Bsource%5D%5D%28https%3A//github.com/apache/superset/issues/36117%29.%0A%0AThe%20most%20common%20causes%20for%20failures%20are%3A%20the%20REMOTE_USER%20environment%20variable%20not%20being%20set%20%28either%20by%20the%20proxy%20or%20by%20missing%20middleware%29%2C%20the%20proxy%20not%20forwarding%20the%20correct%20heade r%2C%20or%20issues%20with%20subpath/app%20root%20configuration%20%28SUPERSET_APP_ROOT%29%20and%20middleware%20ordering.%20Superset%20expects%20either%20the%20proxy%20to%20inject%20the%20username%20into%20REMOTE_USER%2C%20or%20for%20you%20to%20use%20ADDITIONAL_MIDDLEWARE%20in%20%60superset_config.py%60%20to%20copy%20a%20custom%20header%20into%20REMOTE_USER%20%5B%5Bsource%5D%5D%28https%3A//github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/docs/docs/configuration/networking-settings.mdx%23L134-L141%29.%0A%0AHere%E2%80%99s%20a%20quick%20checklist%3A%0A-%20Confirm%20AUTH_TYPE%20%3D%20AUTH_REMOTE_USER%20and%20AUTH_REMOTE_USER_ENV_VAR%20are%20set%20in%20your%20%60superset_config.py%60.%0A-%20If%20your%20proxy%20sets%20a%20custom%20header%20%28like%20HTTP_X_PROXY_REMOTE_USER%29%2C%20add%20a%20middleware%20to%20copy%20it%20to%20REMOTE_USER%20and%20register%20it%20in%20ADDITIONAL_MIDDLEWARE.%0A-%20Make%20sure%20your%20proxy%20is%20forwarding%20the%20correct%20header%20a nd%20not%20stripping%20it.%0A-%20If%20you%E2%80%99re%20deploying%20under%20a%20subpath%2C%20check%20your%20SUPERSET_APP_ROOT%20and%20proxy%20settings%E2%80%94bugs%20in%20this%20area%20can%20break%20authentication%20and%20some%20endpoints%20may%20need%20proxy%20rewrites%20as%20a%20workaround%20%5B%5Bsource%5D%5D%28https%3A//github.com/apache/superset/issues/35027%23issuecomment-3434981622%29.%0A%0ASample%20middleware%20for%20copying%20a%20proxy%20header%3A%0A%60%60%60python%0Aclass%20RemoteUserMiddleware%28object%29%3A%0A%20%20%20%20def%20__init__%28self%2C%20app%29%3A%0A%20%20%20%20%20%20%20%20self.app%20%3D%20app%0A%20%20%20%20def%20__call__%28self%2C%20environ%2C%20start_response%29%3A%0A%20%20%20%20%20%20%20%20user%20%3D%20environ.pop%28%27HTTP_X_PROXY_REMOTE_USER%27%2C%20None%29%0A%20%20%20%20%20%20%20%20if%20user%3A%0A%20%20%20%20%20%20%20%20%20%20%20%20environ%5B%27REMOTE_USER%27%5D%20%3D%20user%0A%20%20%20%20%20%20%20%20return%20self.app%28environ%2C%20start_response%29%0A%0A ADDITIONAL_MIDDLEWARE%20%3D%20%5BRemoteUserMiddleware%5D%0A%60%60%60%0A%0AIf%20you%E2%80%99re%20still%20stuck%2C%20check%20the%20open%20issues%20and%20consider%20sharing%20your%20config%20and%20logs%20in%20the%20relevant%20threads.%20For%20now%2C%20reverting%20to%205.0.0%20is%20the%20only%20confirmed%20workaround%20%5B%5Bsource%5D%5D%28https%3A//github.com/apache/superset/issues/36117%29.) [](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/36446) GitHub link: https://github.com/apache/superset/discussions/36446#discussioncomment-15185269 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
