Hello again Amos, finally on my reverse-proxy a could deliver to the
upstream peer/server the data (username) that I need, using the directive
request_header_add X-Remote-User "%ul"
This is the user captured from authentication (%ul User name) and
validated for --> auth_param basic program auth.php
My helper auth.php go to a internal ldap for validate the user and the
helper say OK/ERR how response.
OK now I want to know it is posible to get or recover from the ldap an
attribute for later deliver this attribute to the peer server on same
way that I deliver on the header the username.
Regards,
El 16/5/19 a las 07:28, jmperrote escribió:
Thanks a lot Amos, a try to use this for testing.
Regards.
El 16/5/19 a las 06:24, Amos Jeffries escribió:
On 16/05/19 3:26 am, jmperrote wrote:
Hello Amos, we use
--> auth_param basic program ...../.../auth.php
for authenticate teh user to the reverse proxy.
auth_param is full HTTP authentication. So the %ul code is what you need
to use in your custom header value for username from that helper.
The %ue is for the external_acl_type helpers output. "user name" is
different from "username" - the single space may seem pedantic but with
security the minor distinction can mean vast differences in risk.
The label in %ue is authorized, but not guaranteed to be valid. Whereas
%ul is authenticated and thus guaranteed valid.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
