httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Keith Roberts <keith.robe...@ecric.nhs.uk>
Subject Re: [users@httpd] Issues writing to request headers
Date Thu, 29 Oct 2015 16:30:45 GMT

On 28 Oct 2015, at 23:21, Merritt, Rob <rob.merritt@usask.ca> wrote:

> Hi All in the httpd.conf below I am trying to rewrite REMOTE_USER (which I know is there
since if I Header add REMOTE_USER it ends up in response headers seen in wireshark cap or
firebug)
> I need to have it show in the response headers so I can authenticate to a tomcat app
any way I can confirm it is getting written or not written?
>  
>  
> <Location /SASLogon/login>
> Options +Includes
> AuthType CAS
> Require valid-user
> RequestHeader append MirrorID "mirror 12"
> RewriteEngine On
> RewriteCond %{LA-U:REMOTE_USER} (.+)
> RewriteRule . - [E=RU:%1]                  
> RequestHeader add X-Remote-User %{RU}e env=RU
> RequestHeader append X-Remote-User %{RU}e env=RU
> </Location>

Hi Rob,

Have you tried ModSecurity WAF as this is good for logging apache requests, and the response
as well:

https://www.modsecurity.org/about.html

HTH,

Keith
Mime
View raw message