On 28 Oct 2015, at 23:21, Merritt, Rob <rob.merr...@usask.ca> wrote:
> Hi All in the httpd.conf below I am trying to rewrite REMOTE_USER (which I
> know is there since if I Header add REMOTE_USER it ends up in response
> headers seen in wireshark cap or firebug)
> I need to have it show in the response headers so I can authenticate to a
> tomcat app any way I can confirm it is getting written or not written?
>
>
> <Location /SASLogon/login>
> Options +Includes
> AuthType CAS
> Require valid-user
> RequestHeader append MirrorID "mirror 12"
> RewriteEngine On
> RewriteCond %{LA-U:REMOTE_USER} (.+)
> RewriteRule . - [E=RU:%1]
> RequestHeader add X-Remote-User %{RU}e env=RU
> RequestHeader append X-Remote-User %{RU}e env=RU
> </Location>
Hi Rob,
Have you tried ModSecurity WAF as this is good for logging apache requests, and
the response as well:
https://www.modsecurity.org/about.html
HTH,
Keith
