Re: mod_cgi not passing headers for authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Mar 3, 2020 at 12:12 AM Roderick <hruodr@xxxxxxxxx> wrote:
>
> Thanks, Yann!
>
> With this I get HTTP_AUTHORIZATION, but Unfortunately not REMOTE_USER.

Sure, if httpd isn't doing auth it will not care about REMOTE_USER nor
parse the Authorization header.

>
> If user names do not have ":", I can get the username.

User names never have ':', per
https://tools.ietf.org/html/rfc2617#section-3.2.2 :

      user-pass   = userid ":" password
      userid      = *<TEXT excluding ":">
      password    = *TEXT

Nothing special in httpd when it does auth, REMOTE_USER is extracted
from the Authorization header (HTTP_AUTHORIZATION) as "everything
before the first ':'". Your CGI has to do the same thing if it's
responsible for the auth.

Regards,
Yann.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux