diff --git a/docs/en_US/webserver.rst b/docs/en_US/webserver.rst index abd0cf6c4..c54c14164 100644 --- a/docs/en_US/webserver.rst +++ b/docs/en_US/webserver.rst @@ -32,6 +32,9 @@ and modify the values for the following parameters: "WEBSERVER_AUTO_CREATE_USER", "Set the value to *True* if you want to automatically create a pgAdmin user corresponding to a successfully authenticated Webserver user. Please note that password is not stored in the pgAdmin database." + "WEBSERVER_REMOTE_USER", "The default value is REMOTE_USER, set this variable to any header + or environemnt variable to get the webserver remote user details. Possible values: REMOTE_USER, + HTTP_X_FORWARDED_USER, X-Forwarded-User." Master Password diff --git a/web/config.py b/web/config.py index c77d92f92..33b26fed5 100644 --- a/web/config.py +++ b/web/config.py @@ -736,6 +736,13 @@ OAUTH2_AUTO_CREATE_USER = True WEBSERVER_AUTO_CREATE_USER = True +# REMOTE_USER variable will be used to check the environment variable +# is set or not first, if not available, +# request header will be checked for the same. +# Possible values: REMOTE_USER, HTTP_X_FORWARDED_USER, X-Forwarded-User + +WEBSERVER_REMOTE_USER = 'REMOTE_USER' + ########################################################################## # PSQL tool settings ########################################################################## diff --git a/web/pgadmin/authenticate/webserver.py b/web/pgadmin/authenticate/webserver.py index 47af8becd..4c84f79a4 100644 --- a/web/pgadmin/authenticate/webserver.py +++ b/web/pgadmin/authenticate/webserver.py @@ -77,7 +77,11 @@ class WebserverAuthentication(BaseAuthentication): return True def get_user(self): - return request.environ.get('REMOTE_USER') + username = request.environ.get(config.WEBSERVER_REMOTE_USER) + if not username: + # One more try to get the Remote User from the hearders + username = request.headers.get(config.WEBSERVER_REMOTE_USER) + return username def authenticate(self, form): username = self.get_user()