Roundup Tracker - Issues


Author antmail
Recipients antmail, ber, jerrykan, rouilj, techtonik
Date 2017-04-21.07:41:50
Message-id <>
In-reply-to <>
> Would your use case be handled by this proposal Anthony?

It seems to yes.

I  advocate this options again and bring back that Apache have a special
care   of  REMOTE_USER  variable  and  there  is  no power to leave it
untouched  in a proxy chain.

> John Rouillard added the comment:

> Hi all:

> Does this sound like a reasonable idea?

> Modify the http_auth variable to support:

>   yes - use REMOTE_USER, HTTP_AUTHORIZATION (as current)
>   no - disable (as current)
>   HTTP_*  - look for the HTTP_* variable in the env array
>             and use the value of that variable like REMOTE_USER.
>             E.G. the value HTTP_PROXY-USER or http_proxy-USER
>             looks for env['HTTP_PROXY-USER']
> We pair that with a new config variable

>   pass_headers = proxy-user, X-Free-Registration

> which generates entries:


> if the corresponding headers exist.

> So for Anthony to get what he wanted (assuming the header uid_variable
> contains the username) the config:

>   http_auth = HTTP_UID_VARIABLE
>   pass_headers = uid-variable

> Would your use case be handled by this proposal Anthony?

> Thoughts?

> ----------
> title: New option for web auth -> New option for web auth (also http header passing)

> ________________________________________________
> Roundup tracker <>
> <>
> ________________________________________________
Date User Action Args
2017-04-21 07:41:51antmailsetrecipients: + antmail, ber, rouilj, techtonik, jerrykan
2017-04-21 07:41:51antmaillinkissue2550837 messages
2017-04-21 07:41:50antmailcreate