Hello, I'm trying to use an authz_dbd query to authorize based on the value of a cookie (ie. if PHPSESSID cookie is set, a db query can test if it should be authorized). It seems the only parameter AUTHzDBDQuery will supply to the sql query is the username in place of %s; this could work if I could set what REMOTE_USER should be prior to the query running, but I haven't found a way to do so. Eg. here the username for the query is from the auth provider (anon), the SetEnv doesn't the query: <Directory "/whatever/"> AuthName "Name" AuthType Basic AuthBasicProvider anon Anonymous_NoUserID on Anonymous_MustGiveEmail off Anonymous anonymous "*" SetEnvIf Cookie "PHPSESSID=([^ ]+)" REMOTE_USER=$1 Require dbd-group foo # this will work, for any username entered in the browser: #AuthzDBDQuery "SELECT 'foo' FROM sys_session" # this does not work to obtain %s from PHPSESSID: AuthzDBDQuery "SELECT 'foo' FROM sys_session WHERE session_id = %s" </Directory> I'm pretty sure I must convince apache to set a new REMOTE_USER (or httpd_username?) internal variable, not an environment variable, but I don't see how. If I don't specify any AuthType, or set it to None, the AuthzDBDQuery never runs and the error.log says it requires authentication but authentication is not set up. Any ideas are appreciated - thanks! I'm running 2.4.25-3+deb9u5 from debian stretch. Thanks, Jesse Norell -- Jesse Norell Kentec Communications, Inc. 970-522-8107 - www.kci.net --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|