From d222bd5b4b19f6afb31e34ebd0c4696040c704fe Mon Sep 17 00:00:00 2001
From: Xavier Guimard <yadd@debian.org>
Date: Mon, 17 Dec 2018 21:21:16 +0100
Subject: [PATCH] Fix CGIPassAuth (#1593)

---
 _example/etc/portal-apache2.4.conf | 7 ++++++-
 _example/etc/portal-apache2.X.conf | 7 ++++++-
 _example/etc/portal-apache2.conf   | 7 ++++++-
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/_example/etc/portal-apache2.4.conf b/_example/etc/portal-apache2.4.conf
index 2352e212b..be331b814 100644
--- a/_example/etc/portal-apache2.4.conf
+++ b/_example/etc/portal-apache2.4.conf
@@ -32,7 +32,12 @@
     # Note that Content-Security-Policy header is generated by portal itself
     <Files *.fcgi>
         SetHandler fcgid-script
-        #CGIPassAuth on
+        # For Authorization header to be passed, please uncomment one of the following:
+        # for Apache >= 2.4.13
+        #CGIPassAuth On
+        # for Apache < 2.4.13
+        #RewriteCond %{HTTP:Authorization} ^(.*)
+        #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
         Options +ExecCGI
         header unset Lm-Remote-User
     </Files>
diff --git a/_example/etc/portal-apache2.X.conf b/_example/etc/portal-apache2.X.conf
index d98e473e3..708e37364 100644
--- a/_example/etc/portal-apache2.X.conf
+++ b/_example/etc/portal-apache2.X.conf
@@ -38,7 +38,12 @@
     # Note that Content-Security-Policy header is generated by portal itself
     <Files *.fcgi>
         SetHandler fcgid-script
-        #CGIPassAuth on
+        # For Authorization header to be passed, please uncomment one of the following:
+        # for Apache >= 2.4.13
+        #CGIPassAuth On
+        # for Apache < 2.4.13
+        #RewriteCond %{HTTP:Authorization} ^(.*)
+        #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
         Options +ExecCGI
         header unset Lm-Remote-User
     </Files>
diff --git a/_example/etc/portal-apache2.conf b/_example/etc/portal-apache2.conf
index 7474cd527..be62f0d06 100644
--- a/_example/etc/portal-apache2.conf
+++ b/_example/etc/portal-apache2.conf
@@ -33,7 +33,12 @@
     # Note that Content-Security-Policy header is generated by portal itself
     <Files *.fcgi>
         SetHandler fcgid-script
-        #CGIPassAuth on
+        # For Authorization header to be passed, please uncomment one of the following:
+        # for Apache >= 2.4.13
+        #CGIPassAuth On
+        # for Apache < 2.4.13
+        #RewriteCond %{HTTP:Authorization} ^(.*)
+        #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
         Options +ExecCGI
         header unset Lm-Remote-User
     </Files>