From d222bd5b4b19f6afb31e34ebd0c4696040c704fe Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Mon, 17 Dec 2018 21:21:16 +0100 Subject: [PATCH] Fix CGIPassAuth (#1593) --- _example/etc/portal-apache2.4.conf | 7 ++++++- _example/etc/portal-apache2.X.conf | 7 ++++++- _example/etc/portal-apache2.conf | 7 ++++++- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/_example/etc/portal-apache2.4.conf b/_example/etc/portal-apache2.4.conf index 2352e212b..be331b814 100644 --- a/_example/etc/portal-apache2.4.conf +++ b/_example/etc/portal-apache2.4.conf @@ -32,7 +32,12 @@ # Note that Content-Security-Policy header is generated by portal itself SetHandler fcgid-script - #CGIPassAuth on + # For Authorization header to be passed, please uncomment one of the following: + # for Apache >= 2.4.13 + #CGIPassAuth On + # for Apache < 2.4.13 + #RewriteCond %{HTTP:Authorization} ^(.*) + #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] Options +ExecCGI header unset Lm-Remote-User diff --git a/_example/etc/portal-apache2.X.conf b/_example/etc/portal-apache2.X.conf index d98e473e3..708e37364 100644 --- a/_example/etc/portal-apache2.X.conf +++ b/_example/etc/portal-apache2.X.conf @@ -38,7 +38,12 @@ # Note that Content-Security-Policy header is generated by portal itself SetHandler fcgid-script - #CGIPassAuth on + # For Authorization header to be passed, please uncomment one of the following: + # for Apache >= 2.4.13 + #CGIPassAuth On + # for Apache < 2.4.13 + #RewriteCond %{HTTP:Authorization} ^(.*) + #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] Options +ExecCGI header unset Lm-Remote-User diff --git a/_example/etc/portal-apache2.conf b/_example/etc/portal-apache2.conf index 7474cd527..be62f0d06 100644 --- a/_example/etc/portal-apache2.conf +++ b/_example/etc/portal-apache2.conf @@ -33,7 +33,12 @@ # Note that Content-Security-Policy header is generated by portal itself SetHandler fcgid-script - #CGIPassAuth on + # For Authorization header to be passed, please uncomment one of the following: + # for Apache >= 2.4.13 + #CGIPassAuth On + # for Apache < 2.4.13 + #RewriteCond %{HTTP:Authorization} ^(.*) + #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] Options +ExecCGI header unset Lm-Remote-User