Hi everyone!

I have a very tricky thing to do.

I want to catch the username of the visitor from my intranet from an LDAP/AD 
authentication and use suPHP with this user to execute PHP scripts with the 
permission of this user.

Here is my configuration:

NameVirtualHost mesfichiers
<VirtualHost xxxxxxx>
        ServerName mesfichiers
        ServerAdmin [EMAIL PROTECTED]
        DocumentRoot "/var/www/gestionnaire/"
        LogLevel info
        <Directory "/var/www/gestionnaire/">
                AuthLDAPEnabled on
                AuthLDAPAuthoritative on
                AuthName "Connexion serveur de fichiers"
                AuthType Basic
                AuthLDAPURL ldap://xxxxxxxxx:3268/ou=CDA,dc=agglo-larochelle,dc=fr?sAMAccountName?sub?(objectClass=user)
                AuthLDAPBindDN "CN=xxxxx,CN=Users,DC=agglo-larochelle,DC=fr"
                AuthLDAPBindPassword xxxx
                require valid-user

                allow from all
                Options +Indexes
               
        </Directory>

        RewriteEngine On
        RewriteCond %{LA-U:REMOTE_USER} (.+)
        RewriteRule . - [E=USER:%1]

        #now in my $_SERVER table I have $_SERVER['USER'] = 'myUser'

        suPHP_UserGroup CDA+%{USER} staff
        Header add X-Forwarded-User %{USER}e
</VirtualHost>

Everything works fine (LDAP authentication OK, the USER Apache variable is set 
correctly) but I can't use it in my suPHP_UserGroup definition.

It causes this error:

[Thu Jul 26 13:09:14 2007] [error] [client xxxxxxx] Premature end of script headers: index.php
[Thu Jul 26 13:09:14 2007] [error] [client xxxxxxx] Premature end of script headers: index.php

If I switch suPHP_UserGroup CDA+%{USER} staff

to suPHP_UserGroup CDA+j.rautureau staff

there is no problem. The script is correctly executed by CDA+j.rautureau.

All I would like is to make it dynamic... you see?

My server: Debian sarge, PHP5 CGI, Apache2 (mod_ldap, mod_suphp 0.6.2 compiled, 
mod_rewrite, mod_headers)

Here's my configuration:
./configure --prefix=/usr --with-min-uid=1000 --with-min-gid=50 \
    --sysconfdir=/etc --with-apache-user=www-data --with-setid-mode=force \
    --disable-checkuid --with-apxs=/usr/bin/apxs2 --disable-checkpath \
    --with-logfile=/var/log/suphp.log

Thanks for your help!


Jérôme Rautureau
Développeur Systèmes
Communauté d'agglomération de La Rochelle
Tel : 05 46 30 34 25 / Fax : 05 46 30 34 29


_______________________________________________
suPHP mailing list
[email protected]
http://lists.marsching.biz/mailman/listinfo/suphp
