Hi All,
I was wondering if one of these existed already so thought I'd ask here
before I wrote one...
So, we have a front end server running Apache, on Windows, doing NTLM
auth (yay! go suckiness!). It proxies requests through to one of our
back end servers, setting a header in the process:
<Proxy *>
Order deny,allow
Allow from all
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Forwarded-User %{RU}e
</Proxy>
So, I need to turn the 'X-Forwarded-User' request header into the BFG
user id. Anyone done an authentication policy that does this yet?
cheers,
Chris
PS: Yes, this would be insecure, were the backend servers not all
firewalled off to only accept requests from the front end ;-)
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev
