On 28 Oct 2015, at 23:21, Merritt, Rob <rob.merr...@usask.ca> wrote:
> Hi All in the httpd.conf below I am trying to rewrite REMOTE_USER (which I > know is there since if I Header add REMOTE_USER it ends up in response > headers seen in wireshark cap or firebug) > I need to have it show in the response headers so I can authenticate to a > tomcat app any way I can confirm it is getting written or not written? > > > <Location /SASLogon/login> > Options +Includes > AuthType CAS > Require valid-user > RequestHeader append MirrorID "mirror 12" > RewriteEngine On > RewriteCond %{LA-U:REMOTE_USER} (.+) > RewriteRule . - [E=RU:%1] > RequestHeader add X-Remote-User %{RU}e env=RU > RequestHeader append X-Remote-User %{RU}e env=RU > </Location> Hi Rob, Have you tried ModSecurity WAF as this is good for logging apache requests, and the response as well: https://www.modsecurity.org/about.html HTH, Keith