Re: [users@httpd] mod_cgi not passing headers for authentication

[Will Fatherley]

Is there a possibility that you can configure a vhost that forwards to the
vhost that you are running cgi in?  In that case, you'll get an
http-forwarded-for header with the address you want.  This of course is a
hack, and may not be appropriate

On Tue, Mar 10, 2020 at 10:53 AM Yann Ylavic  wrote:

> On Tue, Mar 10, 2020 at 2:46 AM Roderick  wrote:
> >
> > Excuse me the question: does httpd obtain REMOTE_USER by parsing
> > the AUTHORIZATION header?
>
> Yes, that's where it's available for basic auth, so mod_auth_basic
> will do this:
> https://github.com/winlibs/apache/blob/master/2.4.x/modules/aaa/mod_auth_basic.c#L139
> (i.e. anything up to the first ':' after base64 decoding).
>
> > The same with AUTH_TYPE?
>
> Same, set to "basic" by mod_auth_basic when doing auth by itself.
>
>
> Regards,
> Yann.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] mod_cgi not passing headers for authentication

[Yann Ylavic]

On Tue, Mar 10, 2020 at 2:46 AM Roderick  wrote:
>
> Excuse me the question: does httpd obtain REMOTE_USER by parsing
> the AUTHORIZATION header?

Yes, that's where it's available for basic auth, so mod_auth_basic
will do this: 
https://github.com/winlibs/apache/blob/master/2.4.x/modules/aaa/mod_auth_basic.c#L139
(i.e. anything up to the first ':' after base64 decoding).

> The same with AUTH_TYPE?

Same, set to "basic" by mod_auth_basic when doing auth by itself.


Regards,
Yann.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org