[csw-maintainers] Non-Maintainer Uploads (NMUs)
Peter FELECAN
pfelecan at opencsw.org
Mon Aug 12 15:14:43 CEST 2013
Dagobert Michelsen <dam at opencsw.org> writes:
> Hi Peter,
>
> Am 12.08.2013 um 14:43 schrieb Peter FELECAN <pfelecan at opencsw.org>:
>> "Maciej (Matchek) Bliziński" <maciej at opencsw.org> writes:
>>> 2013/8/12 Peter FELECAN <pfelecan at opencsw.org>
>>>>
>>>>> The place to retrieve the user is here:
>>>>> http://sourceforge.net/apps/trac/gar/browser/csw/mgar/gar/v2/lib/web/releases_web.py#L207
>>>>
>>>> Alright. This is the receiving end. Where is the emitting end?
>>>
>>> There's a few stages: the HTTP client uses HTTP basic auth. That is
>>> handled by Apache; but squid is doing something to the headers. I'm
>>> not sure if we only have a forward proxy or a reverse proxy?
>>>
>>> What I think we have, is this:
>>> HTTP client → squid → Apache → script
>>
>> Maybe Dago could provide a description of the architecture.
>>
>> Returning to the REMOTE_USER not being defined, after a cursory look at
>> other people having issues with that it seems that even if the
>> environment variable is not provided, there is a possibility to obtain
>> the remote user from the "authorization" header, see
>> http://stackoverflow.com/questions/8495229/remote-user-not-being-set-by-apache2
>> but maybe this is also modified by the proxy.
>>
>> We need more information about the proxy's configuration.
>
> You should be able to
> ssh web
> with your pfelecan account which can also open /etc/opt/csw/squid/squid.conf
Thank you.
Can you confirm or correct the architecture hypothesis:
HTTP client → squid → Apache → script
More I read about this and more it seems that we must implement a
rewrite on the proxy to pass the REMOTE_USER.
--
Peter
More information about the maintainers
mailing list