On sön, 2007-11-18 at 11:57 -0700, Glenn Zazulia wrote:
> What I'd like to do, though, is to modify/normalize the user name after
> successful authentication by the child proxy so that the parent proxy
> receives the user's email address instead of the less globally-unique
> domain\user info. I'm experimenting with an external ACL helper script
> that attempts to dynamically modify the user name by returning strings
> such as "OK user=foo@xxxxxxx". However, doing this seems to have no
> effect: nothing that I return for "user=" in the helper script appears
> in the parent proxy's log file. Instead, the original authenticated
> user name string continues to be logged.
You need to make a slight change in the source for this.
In src/http.c httpBuildRequestHeader() change
if (orig_request->auth_user_request)
username = authenticateUserRequestUsername(orig_request->auth_user_request);
else if (orig_request->extacl_user)
username = orig_request->extacl_user;
to
if (orig_request->extacl_user)
username = orig_request->extacl_user;
else if (orig_request->auth_user_request)
username = authenticateUserRequestUsername(orig_request->auth_user_request);
Regards
Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
