This question about Authentication or Authorisation: Answered

Subsitute Differnt Header for REMOTE_USER

Hello,

I am trying to enable an SSO solution using a (non-apache) reverse proxy, an LDAP, and FOSWIKI. I understand that I should use the LDAPApacheLogin authentication module. However the reverse proxy I am using does not set the incoming user identity in REMOTE_USER, rather it sets the identity within a header called IV-USER. I would like to modify the LDAPApacheLogin (or as I rather suspect, the ApacheLogin module which appears to be called by the LDAPApacheLogin module.) In looking at the code for these modules, **I THINK** that I need to change the following lines in the ApacheLogin.pm (located at /var/lib/foswiki/lib/Foswiki/LoginManager/ApacheLogin.pm) within the getUser subroutine :

135 sub getUser {
136 my $this = shift;
137
138 my $query = $this->{session}->{request};
139 my $authUser;
140
141 # Ignore remote user if we got here via an error
142 # Only useful with CGI engine & Apache webserver
143 unless ( ( $ENV{REDIRECT_STATUS} || 0 ) >= 400 ) {
144 #$authUser = $query->remote_user() if $query;
145 $authUser = $query->param(IV-USER) if $query;
146 Foswiki::LoginManager::_trace( $this,
147 "apache getUser says " . ( $authUser || 'undef' ) );
148 }
149 return $authUser;
150 print "$authUser\n";
151 }

While I am familiar with perl I am not as adept with the CGI module. Could someone confirm that I am :

1. Making the change in the right place

and

2. Am interpreting the query method correctly

Thanks,

Pat Smith

-- PatSmith - 24 Oct 2012

Figured it out :

sub getUser { my $this = shift;

my $query = $this->{session}->{request}; my $authUser;

# Ignore remote user if we got here via an error # Only useful with CGI engine & Apache webserver unless ( ( $ENV{REDIRECT_STATUS} || 0 ) >= 400 ) { #$authUser = $query->remote_user() if $query; $authUser = $ENV{HTTP_IV_USER}; Foswiki::LoginManager::_trace( $this, "apache getUser says " . ( $authUser || 'undef' ) ); } return $authUser; }

-- PatSmith - 24 Oct 2012
 

QuestionForm edit

Subject Authentication or Authorisation
Extension ApacheLogin Auth Module
Version Foswiki 1.1.5
Status Answered
Related Topics
Topic revision: r2 - 24 Oct 2012, PatSmith - This page was cached on 17 Nov 2018 - 21:43.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy