On Thu, 2009-05-28 at 13:58 +0200, Efjestad, Dag wrote:
> No, when I do this the value in RewriteCond is null.
>
> From logfile:
> lookahead: path=/kongsberg/ var=REMOTE_USER -> val=
> RewriteCond: input='' pattern='(.*)' => matched
>
> -----Opprinnelig melding-----
> Fra: Tom Evans [mailto:tevans.uk@xxxxxxxxxxxxxx]
> Sendt: 28. mai 2009 11:49
> Til: users@xxxxxxxxxxxxxxxx
> Emne: Re: REMOTE_USER and PROXY request
>
> On Thu, 2009-05-28 at 10:52 +0200, Efjestad, Dag wrote:
> > Hi.
> >
> > I can't get access to the REMOTE_USER value when I do a proxy request. The value is empty.
> > RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [P,L]
> >
> > For rewrite against directory URL's I get the value.
> > RewriteRule ^/kongsberg(.*) /kongsberg/%{LA-U:REMOTE_USER}$1 [L]
> >
> > and for redirect it works:
> > RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [R,L]
> >
> >
> > I also tried this syntaks with same result - no value in REMOTE_USER env. var.:
> > RewriteCond %{LA-U:REMOTE_USER} (.+)
> > RewriteRule . - [E=RU:%1]
> >
> > ProxyRequests Off
> > ProxyPassInterpolateEnv On
> > ProxyPass /kongsberg/ http://aeoas02/kongsberg/${RU}/ interpolate
> > ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/${RU}/ interpolate
> >
> >
> > I also noticed that I can see the username value in the access logfile but not in the rewrite logfile.
> >
> > Suggestions anyone?
> >
> >
> > Kind regards, Dag
> >
>
> Does this not work?
>
> RewriteCond %{LA-U:REMOTE_USER} (.+)
> RewriteRule /kongsberg/ http://aeoas02/kongsberg/%1/ [P]
>
> Cheers
>
> Tom
>
>
>From my testing, that config works fine:
<VirtualHost *:80>
ServerName ssoauth
DocumentRoot /usr/local/www/ssoauth/htdocs
<Directory /usr/local/www/ssoauth/htdocs>
Order allow,deny
Allow from all
</Directory>
KeepAlive Off
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule /kongsberg/ http://ssoauth:8081/kongsberg/%1/ [P]
RewriteLog /var/log/rwrite.log
RewriteLogLevel 5
<Location />
Include auth/ldap_group_it.conf
</Location>
</VirtualHost>
The log then shows this: (cat /var/log/rwrite.log | sed 's:.*] ::')
(2) init rewrite engine with requested uri /kongsberg/
(3) applying pattern '/kongsberg/' to uri '/kongsberg/'
(2) init rewrite engine with requested uri /kongsberg/
(3) applying pattern '/kongsberg/' to uri '/kongsberg/'
(4) RewriteCond: input='' pattern='(.+)' => not-matched
(1) pass through /kongsberg/
(2) init rewrite engine with requested uri /kongsberg/index.html
(3) applying pattern '/kongsberg/' to uri '/kongsberg/index.html'
(2) init rewrite engine with requested uri /kongsberg/index.html
(3) applying pattern '/kongsberg/' to uri '/kongsberg/index.html'
(4) RewriteCond: input='' pattern='(.+)' => not-matched
(1) pass through /kongsberg/index.html
(5) lookahead: path=/kongsberg/index.html var=REMOTE_USER -> val=tevans
(4) RewriteCond: input='tevans' pattern='(.+)' => matched
(2) rewrite '/kongsberg/index.html' -> 'http://ssoauth:8081/kongsberg/tevans/'
(2) forcing proxy-throughput with http://ssoauth:8081/kongsberg/tevans/
(1) go-ahead with proxy request proxy:http://ssoauth:8081/kongsberg/tevans/ [OK]
(5) lookahead: path=/kongsberg/ var=REMOTE_USER -> val=tevans
(4) RewriteCond: input='tevans' pattern='(.+)' => matched
(2) rewrite '/kongsberg/' -> 'http://ssoauth:8081/kongsberg/tevans/'
(2) forcing proxy-throughput with http://ssoauth:8081/kongsberg/tevans/
(1) go-ahead with proxy request proxy:http://ssoauth:8081/kongsberg/tevans/ [OK]
This log is for just one request. Are you sure you that you are
authenticated using apache auth modules? REMOTE_USER would be empty if
you are not authenticated.
Cheers
Tom
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|