Accessing the Auth Headers
5 posts
• Page 1 of 1
- Cptninsano2000
-
- Posts: 3
- Joined: 15 May 2013, 22:07
Accessing the Auth Headers
Hi,
I was wondering if there is a way to modify this authentication header X-ISRW-Proxy-REMOTE-USER
I need to strip the domain off of the NTLM authentication in iis7. I figure i would use a regex to split it. For example .*\\([^\\]+) I just need a way to access it.
Thank you,
Keith
I was wondering if there is a way to modify this authentication header X-ISRW-Proxy-REMOTE-USER
I need to strip the domain off of the NTLM authentication in iis7. I figure i would use a regex to split it. For example .*\\([^\\]+) I just need a way to access it.
Thank you,
Keith
Re: Accessing the Auth Headers
Hello, Keith
You should write a RewriteHeader rule on the back-end that will remove domain from X-ISRW-Proxy-REMOTE-USER header.
By default the header contains 'domain\user' and you'll need to rewrite to just 'user'
You should write a RewriteHeader rule on the back-end that will remove domain from X-ISRW-Proxy-REMOTE-USER header.
By default the header contains 'domain\user' and you'll need to rewrite to just 'user'
- Cptninsano2000
-
- Posts: 3
- Joined: 15 May 2013, 22:07
Re: Accessing the Auth Headers
Hi Anton,
Thank you for your reply.
Sorry if I wasn't clear, this is very new to me.
I was wanting to know if the authentication header values were accessible before they are sent to the back-end server. I want to strip the domain off prior the request being sent to the back-end server. I would set another variable with the new value and add it to the request also.
something like this...
RewriteCond %{X-ISRW-Proxy-REMOTE-USER} .*\\([^\\]+)
SetEnvIf HTTP_x_user_id %1
My syntax might be wrong. I'm just hoping that this can be accomplished at the proxy.
Thanks agiain,
Keith
Thank you for your reply.
Sorry if I wasn't clear, this is very new to me.
I was wanting to know if the authentication header values were accessible before they are sent to the back-end server. I want to strip the domain off prior the request being sent to the back-end server. I would set another variable with the new value and add it to the request also.
something like this...
RewriteCond %{X-ISRW-Proxy-REMOTE-USER} .*\\([^\\]+)
SetEnvIf HTTP_x_user_id %1
My syntax might be wrong. I'm just hoping that this can be accomplished at the proxy.
Thanks agiain,
Keith
Re: Accessing the Auth Headers
Hello,
It's not quite clear what you want, but:
- we cannot change headers on front-end before they go to back-end
- SetEnvIf HTTP_x_user_id %1 will set the environment variable for the current request on front-end, but nothing will change for back-end
- maybe you can think of changing the logic of your application so that it removes domain by itself.
Please outline your task in mode detail and we'll try to suggest you a solution.
It's not quite clear what you want, but:
- we cannot change headers on front-end before they go to back-end
- SetEnvIf HTTP_x_user_id %1 will set the environment variable for the current request on front-end, but nothing will change for back-end
- maybe you can think of changing the logic of your application so that it removes domain by itself.
Please outline your task in mode detail and we'll try to suggest you a solution.
- Cptninsano2000
-
- Posts: 3
- Joined: 15 May 2013, 22:07
Re: Accessing the Auth Headers
Hi Anton,
I figured as much. I ended up doing as you suggested for the most part.
I chained 2 simple proxies together in IIS.
A frontend proxy creates auth user headers and passes it a to a backend site that proxies the request to the application server.
Frontend -- Listens on 80
RewriteEngine on
RewriteBase /
RewriteProxy ^(.*) http://IIS_backend_proxy:8080/$1 [NC,A]
Backend -- Listens on 8080
RewriteEngine on
RewriteBase /
SetEnvIf %{HTTP_X_ISRW_PROXY_REMOTE_USER} .*\\([^\\]+) HTTP_x_user_id=$1
RewriteProxy ^(.*) http://application_server/$1 [NC]
This seems to work well.
Thank you again,
Keith
I figured as much. I ended up doing as you suggested for the most part.
I chained 2 simple proxies together in IIS.
A frontend proxy creates auth user headers and passes it a to a backend site that proxies the request to the application server.
Frontend -- Listens on 80
RewriteEngine on
RewriteBase /
RewriteProxy ^(.*) http://IIS_backend_proxy:8080/$1 [NC,A]
Backend -- Listens on 8080
RewriteEngine on
RewriteBase /
SetEnvIf %{HTTP_X_ISRW_PROXY_REMOTE_USER} .*\\([^\\]+) HTTP_x_user_id=$1
RewriteProxy ^(.*) http://application_server/$1 [NC]
This seems to work well.
Thank you again,
Keith
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 28 guests