> Regardless, REMOTE_USER is just an environment variable, and if you can
> *prove* it's being set in Apache but not passed to Zope, I'd be surprised.
> You can also use Apache directives to do this as well.  It's been a
> while but SetEnv does spring to mind...

It's an environment variable in the Authorization headers, which are
(in my limited knowledge) not treated the same as variables in request
headers. I have found no mention of how to achieve this in purely
redirect/proxy setups; only through CGI or CGI-like setups.

SetEnv does not work, at least not in the form

I also tried mod_headers to no avail.

Every example of Zope-Apache configuration that I've found so far says
that when needing to pass remote user, you cannot go with the
proxy/rewrite route. If anyone has a working config proving this
wrong, please enlighten me.

FWIW, my situation is a Shibboleth setup where I wrote a customized
Cookie Crumbler to recognize the identity of an authenticated user
requesting a Zope CMF site. It identifies the principal's user id
through REMOTE_USER.

FastCGI with Zope has been flakey for me in the past and therefore I'd
like to take it out of the equation.

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to