[csw-maintainers] Non-Maintainer Uploads (NMUs)

Peter FELECAN pfelecan at opencsw.org
Mon Aug 12 15:14:43 CEST 2013

Dagobert Michelsen <dam at opencsw.org> writes:

> Hi Peter,
> Am 12.08.2013 um 14:43 schrieb Peter FELECAN <pfelecan at opencsw.org>:
>> "Maciej (Matchek) Bliziński" <maciej at opencsw.org> writes:
>>> 2013/8/12 Peter FELECAN <pfelecan at opencsw.org>
>>>>> The place to retrieve the user is here:
>>>>> http://sourceforge.net/apps/trac/gar/browser/csw/mgar/gar/v2/lib/web/releases_web.py#L207
>>>> Alright. This is the receiving end. Where is the emitting end?
>>> There's a few stages: the HTTP client uses HTTP basic auth. That is
>>> handled by Apache; but squid is doing something to the headers. I'm
>>> not sure if we only have a forward proxy or a reverse proxy?
>>> What I think we have, is this:
>>> HTTP client → squid → Apache → script
>> Maybe Dago could provide a description of the architecture.
>> Returning to the REMOTE_USER not being defined, after a cursory look at
>> other people having issues with that it seems that even if the
>> environment variable is not provided, there is a possibility to obtain
>> the remote user from the "authorization" header, see
>> http://stackoverflow.com/questions/8495229/remote-user-not-being-set-by-apache2
>> but maybe this is also modified by the proxy.
>> We need more information about the proxy's configuration.
> You should be able to
>   ssh web
> with your pfelecan account which can also open /etc/opt/csw/squid/squid.conf

Thank you.

Can you confirm or correct the architecture hypothesis:

HTTP client → squid → Apache → script

More I read about this and more it seems that we must implement a
rewrite on the proxy to pass the REMOTE_USER.

More information about the maintainers mailing list