Hi,
we are using apache (Server version: Apache/2.4.6 Red Hat Enterprise Linux) as a reverse proxy in front of our Perl webserver (Mojolicious). Apache is also taking care of SSO authentication through Kerberos. We are using a rewriterule to pass on the REMOTE_USER request header to our webserver.
This is working fine for 97% of our AD users, but the other 3% are getting a kind of endless loop. And I suspect that my rewriterule is the culprit. Please have a look at my configuration below:
<Location />
AuthName "Authenticate to SYST-ADMIN.COLRUYT.INT"
AuthType Kerberos
KrbServiceName Any
Krb5Keytab /opt/otrs_soft/SSO/suldapincs.keytab
KrbAuthRealms SYST-ADMIN.COLRUYT.INT
KrbMethodNegotiate On
KrbMethodK5Passwd On
KrbAuthoritative On
KrbSaveCredentials Off
KrbVerifyKDC Off
require valid-user
RewriteEngine on
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1,NS]
RequestHeader set REMOTE_USER "%{RU}e" env=RU
RequestHeader set REMOTE_USER_SECRET "*************"
</Location>
To be honest, I'm not an expert in Rewrite Rules, I've just copy pasted the above from an article on the internet. Does anyone knows if the above Rewrite condition/rule can result in an endless loop and how to resolve this?
Already thanks in advance for your feedback!
Kind regards,
Michael
Dit bericht is onderworpen aan de voorwaarden beschikbaar op onze website
Ce message est soumis aux conditions disponibles sur notre site web
This message is subject to the terms and conditions available on our website
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|