Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 89FD7188F6 for ; Thu, 29 Oct 2015 16:31:06 +0000 (UTC) Received: (qmail 8259 invoked by uid 500); 29 Oct 2015 16:31:00 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 8224 invoked by uid 500); 29 Oct 2015 16:31:00 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 8214 invoked by uid 99); 29 Oct 2015 16:31:00 -0000 Received: from Unknown (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Oct 2015 16:31:00 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 340601A22F3 for ; Thu, 29 Oct 2015 16:31:00 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 4.001 X-Spam-Level: **** X-Spam-Status: No, score=4.001 tagged_above=-999 required=6.31 tests=[HTML_MESSAGE=3, KAM_LAZY_DOMAIN_SECURITY=1, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-us-east.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id s14mXC1HhtAU for ; Thu, 29 Oct 2015 16:30:50 +0000 (UTC) Received: from relay.nhs.uk (relay.nhs.uk [62.208.144.128]) by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTPS id 64F9E42ABE for ; Thu, 29 Oct 2015 16:30:50 +0000 (UTC) Received: from nhs-pd1e-esg110.ad1.nhs.net (nhs-pd1e-esg110.ad1.nhs.net [127.0.0.1]) by IMSVA80 (Postfix) with ESMTP id 98B8A44C292 for ; Thu, 29 Oct 2015 16:30:42 +0000 (GMT) Received: from andromeda.magog.ecric.org.uk (smtp.cpcr.nhs.uk [10.195.239.2]) by nhs-pd1e-esg110.ad1.nhs.net (Postfix) with ESMTP id 6E8264491A6 for ; Thu, 29 Oct 2015 16:30:42 +0000 (GMT) Received: from [158.119.43.76] (158.119.43.76) by andromeda.magog.ecric.org.uk (158.119.43.14) with Microsoft SMTP Server (TLS) id 14.2.347.0; Thu, 29 Oct 2015 16:30:41 +0000 From: Keith Roberts Content-Type: multipart/alternative; boundary="Apple-Mail=_829B0911-9425-41D0-98F1-5D5172DF7130" OLD-MSG-ID: <638BE2E4-FBEF-43CF-836C-11BBEC712B05@ecric.nhs.uk> MIME-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Date: Thu, 29 Oct 2015 16:30:45 +0000 References: <20151028232117.76B854487BF@nhs-pd1e-esg009.ad1.nhs.net> To: In-Reply-To: <20151028232117.76B854487BF@nhs-pd1e-esg009.ad1.nhs.net> X-Mailer: Apple Mail (2.1878.6) X-Originating-IP: [158.119.43.76] Message-Id: <20151029163042.6E8264491A6@nhs-pd1e-esg110.ad1.nhs.net> X-TM-AS-Product-Ver: IMSVA-8.0.0.1495-8.0.0.1202-21908.007 X-TM-AS-Result: No--11.796-15-31-10 X-imss-scan-details: No--11.796-15-31-10;No--11.796-3-31-10;No--11.796-4-31-10 X-TMASE-MatchedRID: IElsOrV503atAtL6xqCAaWYQJPSPOa+9F2Ve/kN8jcnUVzrVUIa+HUQ0 ZbDoCgw3zpFIpbxp7n1IRA38P/dwbn+vzHfC29pfXCmcAC8DBrNOCnNY9CkMJeRmRRhU1WceL9v fZRmBL34lfE7G9HP3/bU+IyHhkXf1g3XZcphu4ksHiwiF9OOogUqyUztVRoTBdvgGbsWpCcvTcF AhDH0WXUIjaJSsaV6qZjQijgrFvzol3afZehJEWaMLUT/MIQivJwonUK0HmcXfXALU9u3DdQ87n gLKiborUNcVHuERA2y9/kMM+y0cUUopYlyHMD9xEB0PuwJG07GY0QyexuU2YWeb450urkdS7Hji 88qz7d5dInhzedP5BwcbMHjYNxGhhZApJAdFDDabKItl61J/yZUdXE/WGn0FMwyzN4BmnMmLctq yyMgL5Wrz/G/ZSbVqtVX2a1/ZsVgmTpX28d+oyqi/IgorN4RlfPWCvHlLJOqXS3ziR7m9Gz6Yrb 0X/LFaELDqX6ay8bPvje+STFaTcELd7Pb1iU0N94tZe9pXOi4= Subject: Re: [users@httpd] Issues writing to request headers --Apple-Mail=_829B0911-9425-41D0-98F1-5D5172DF7130 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" On 28 Oct 2015, at 23:21, Merritt, Rob wrote: > Hi All in the httpd.conf below I am trying to rewrite REMOTE_USER = (which I know is there since if I Header add REMOTE_USER it ends up in = response headers seen in wireshark cap or firebug) > I need to have it show in the response headers so I can authenticate = to a tomcat app any way I can confirm it is getting written or not = written? > =20 > =20 > > Options +Includes > AuthType CAS > Require valid-user > RequestHeader append MirrorID "mirror 12" > RewriteEngine On > RewriteCond %{LA-U:REMOTE_USER} (.+) > RewriteRule . - [E=3DRU:%1] =20 > RequestHeader add X-Remote-User %{RU}e env=3DRU > RequestHeader append X-Remote-User %{RU}e env=3DRU > Hi Rob, Have you tried ModSecurity WAF as this is good for logging apache = requests, and the response as well: https://www.modsecurity.org/about.html HTH, Keith= --Apple-Mail=_829B0911-9425-41D0-98F1-5D5172DF7130 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="us-ascii"
On 28 Oct 2015, at 23:21, Merritt, Rob = <rob.merritt@usask.ca> = wrote:

Hi All in the = httpd.conf below I am trying to rewrite REMOTE_USER (which I know is = there since if I Header add REMOTE_USER it ends up in response headers = seen in wireshark cap or firebug)
I = need to have it show in the response headers so I can authenticate to a = tomcat app any way I can confirm it is getting written or not = written?
 
 
<Location /SASLogon/login>
Options +Includes
AuthType CAS
Require valid-user
RequestHeader append MirrorID "mirror = 12"
RewriteEngine = On
RewriteCond %{LA-U:REMOTE_USER} = (.+)
RewriteRule . - = [E=3DRU:%1]          &nb= sp;       
RequestHeader add X-Remote-User %{RU}e = env=3DRU
RequestHeader append = X-Remote-User %{RU}e env=3DRU
</Location>

Hi Rob,

Have you tried ModSecurity WAF as = this is good for logging apache requests, and the response as = well:


HTH,

Ke= ith
= --Apple-Mail=_829B0911-9425-41D0-98F1-5D5172DF7130--