Hi all, I've been asked to provide a proxy that authenticates users against our LDAP tree, and then proxies their requests to an external system that requires a different password (for the same user). I can do this with a hardcoded username/password for the external system like this:
AuthType Basic AuthName "LDAP Authentication" AuthLDAPURL ldap://ldap/o=users?cn?sub?(objectclass=Person) AuthLDAPBindDN ldap-admin-user AuthLDAPBindPassword ldap-admin-pass require valid-user SetEnv OurAuthHeader "Basic VDEyNjcwOnM5MzdDMQ==" RequestHeader set Authorization "%{OurAuthHeader}e" ProxyPass http://other-system/ ProxyPassReverse http://other-system/ But what I would like to do is write something to set the value of OurAuthHeader based on the currently logged in user (ie lookup the current user's password for the external system and generate an auth header based on that). I've tried doing this with a filter, but can't even get a basic filter working: PerlModule Apache::AuthFilter PerlInputFilterHandler Apache::AuthFilter with the AuthFilter.pm: sub handler : FilterConnectionHandler { print STDERR "test\n"; Apache::Const::OK; } 1; This just drops the connection as soon as I make the request. Obviously the above does nothing, I would like to change it to replace the hardcoded "OurAuthHeader" value. I've been looking at http://modperlbook.org/html/ch25_03.html and trying to learn what I can, but am not having much luck. I'm also restricted to mod_perl 1.99 which rules out a couple of other options I've found. Does anyone have any suggestions for me? cheers, dim --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]