httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David (Dave) Donnan" <david.don...@thalesgroup.com>
Subject [users@httpd] RewriteRule E=SMUSER:%{LA-U:REMOTE_USER} works but not E=SMUSER:%{LA-U:SSL_CLIENT_S_DN_EMAIL}
Date Wed, 29 Sep 2010 12:18:11 GMT
Hello again. I hope I've not overstayed my welcome.

    RewriteRule .* - [E=SMUSER:%{LA-U:REMOTE_USER}] works for both 80
    and 443 (SSL)

However, the following doesn't work for either (I understand why it 
doesn't work for port 80 :-)

    RewriteRule .* - [E=SMUSER:%{LA-U:SSL_CLIENT_S_DN_EMAIL}]

Nor the following:

    RewriteRule .* - [E=SMUSER:%{LA-F:SSL_CLIENT_S_DN_EMAIL}]      #
    note L A-F, not LA-U

I've done my reading but have not found the definitive list of supported 
variables.

I found a table at the following link, search for %{ NAME_OF_VARIABLE  } 

    http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule

Is SSL_CLIENT_S_DN_EMAIL not supported or am I, perhaps, missing something ?

Any help would be greatly appreciated, Dave
-------

David (Dave) Donnan wrote:
> Hello everybody.
>
> Eric, thanks for the rapide response. I took the $PATH of least 
> resistance, corrected Technique #1, and now it WORKS !
>
> httpd.conf:
>     RewriteEngine on
>     RewriteRule .* - [E=SMUSER:%{LA-U:REMOTE_USER}]
>
> Result (setenv.pl):
>     ...
>     SMUSER="<my-LDAP-userid :-) >"
>     ...
> Thanks again, Dave
>
> PS: I had no luck with setenvif but I'm more than happy with the 
> RewriteRule.
> ------
>
> Eric Covener wrote:
>> On Tue, Sep 28, 2010 at 10:02 AM, David (Dave) Donnan
>> <david.donnan@thalesgroup.com> wrote:
>>   
>>> RewriteEngine on
>>>
>>> RewriteRule .* - [E=SMUSER:%{$REMOTE_USER}]
>>> RequestHeader set my_new_header %{SMUSER}e
>>>
>>>         Result from my browser (setenv.pl):
>>>
>>>         SMUSER=""
>>>     
>>
>> I think the $ is extraneous and causing problems. Another potential
>> problem --  See the "lookahead" feature to figure out REMOTE_USER when
>> your RewriteRules are running in a phase before REMOTE_USER is set!
>>
>> You may be able to wrap your rules in <Directory>, which makes the
>> Rewrite occur a little bit later, and might let some rules like this
>> work better.
>>
>> Finally, why do you want to set the environment variable in a request
>> header? Is this just some debug you added along the way, or your
>> ultimate goal?
>>
>>   
>>> Question 1: The syntax is incredibly cryptic. Where might I look to help me
>>> understand the %, e, {} etc.
>>>     
>> The variable syntax for RequestHeader is defined in a table at the
>> bottom of the Header directive:
>>
>> http://httpd.apache.org/docs/current/mod/mod_headers.html#header
>>
>> The syntax for mod_rewrite is midway down in the doc for RewriteRule:
>> http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule
>>
>>   
>>> Mind you, it works for simple text:
>>>
>>> RewriteRule .* - [E=SMUSER:test]
>>>
>>> Result: SMUSER="test"
>>>
>>> 2. Technique 2: setenv DAVESETENV "text"
>>> ----------------------------------------------
>>>
>>>     Result: DAVESETENV="text"
>>>
>>> But, I've read that this is only a static string.
>>>
>>> http://www.usenet-forums.com/apache-web-server/10179-setenv-dynamic-variable.html
>>>     
>>
>> setenvif is a bit more flexible:
>> http://httpd.apache.org/docs/current/mod/mod_setenvif.html#setenvif
>>
>>   
>


Mime
View raw message