cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
This question about Authentication or Authorisation: Answered

Subsitute Differnt Header for REMOTE_USER

Hello,

I am trying to enable an SSO solution using a (non-apache) reverse proxy, an LDAP, and FOSWIKI. I understand that I should use the LDAPApacheLogin authentication module. However the reverse proxy I am using does not set the incoming user identity in REMOTE_USER, rather it sets the identity within a header called IV-USER. I would like to modify the LDAPApacheLogin (or as I rather suspect, the ApacheLogin module which appears to be called by the LDAPApacheLogin module.) In looking at the code for these modules, **I THINK** that I need to change the following lines in the ApacheLogin.pm (located at /var/lib/foswiki/lib/Foswiki/LoginManager/ApacheLogin.pm) within the getUser subroutine :

135 sub getUser {
136 my $this = shift;
137
138 my $query = $this->{session}->{request};
139 my $authUser;
140
141 # Ignore remote user if we got here via an error
142 # Only useful with CGI engine & Apache webserver
143 unless ( ( $ENV{REDIRECT_STATUS} || 0 ) >= 400 ) {
144 #$authUser = $query->remote_user() if $query;
145 $authUser = $query->param(IV-USER) if $query;
146 Foswiki::LoginManager::_trace( $this,
147 "apache getUser says " . ( $authUser || 'undef' ) );
148 }
149 return $authUser;
150 print "$authUser\n";
151 }

While I am familiar with perl I am not as adept with the CGI module. Could someone confirm that I am :

1. Making the change in the right place

and

2. Am interpreting the query method correctly

Thanks,

Pat Smith

-- PatSmith - 24 Oct 2012

Figured it out :

sub getUser { my $this = shift;

my $query = $this->{session}->{request}; my $authUser;

# Ignore remote user if we got here via an error # Only useful with CGI engine & Apache webserver unless ( ( $ENV{REDIRECT_STATUS} || 0 ) >= 400 ) { #$authUser = $query->remote_user() if $query; $authUser = $ENV{HTTP_IV_USER}; Foswiki::LoginManager::_trace( $this, "apache getUser says " . ( $authUser || 'undef' ) ); } return $authUser; }

-- PatSmith - 24 Oct 2012
 

QuestionForm edit

Subject Authentication or Authorisation
Extension ApacheLogin Auth Module
Version Foswiki 1.1.5
Status Answered
Related Topics
Topic revision: r2 - 24 Oct 2012, PatSmith - This page was cached on 17 Sep 2018 - 22:14.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy