0 Replies Latest reply on May 11, 2012 9:28 AM by Francesco Sordillo

    [SOLVED] REMOTE_USER mod_proxy_ajp JBoss

    Francesco Sordillo Newbie

      Hi to all.


      I'm running JBoss 5.1.2 with Apache 2.2 with mod_proxy_ajp and mod_shib 2.4 on RHEL 6.2 environment, so Shibboleth as SSO authentication.

      Proxying Apache request to JBoss we are not able to retreive REMOTE_USER via request attribute. An example of application code is:


      String username = (String) request.getAttribute("REMOTE_USER");


      but, as I said before, REMOTE_USER is not in the attribute header! The problem is that using a proxy, requests attribute are lost!

      By Google, some user suggests to configure this rewrite rule on Apache



          RewriteCond %{LA-U:REMOTE_USER} (.*)

          RewriteRule .* - [E=MY_REMOTE_USER:%1]

          RequestHeader add REMOTE_USER %{MY_REMOTE_USER}e



      but in this case "REMOTE_USER" is a Request Header and not a request attribute.

      Is there anyone that know how to proxy REMOTE_USER as request attribute with mod_proxy_ajp?


      Thanks a lot.



      [ update 11/05/2012 ]

      Thanks to jboss.com support I solved with this rewrite rule



          RewriteCond %{LA-U:REMOTE_USER} (.*)

          RewriteRule .* - [E=AJP_REMOTE_USER:%1]



      According with Apache documentation