: Apache Reverse Proxy Rewrite Remote_User Running httpd 2.4.6 on CentOS 7 as a reverse proxy for Splunk with SSO. This works with no proxying: RewriteCond %{LA-U:REMOTE_USER} "user" [NC] RewriteRule
Running httpd 2.4.6 on CentOS 7 as a reverse proxy for Splunk with SSO.
This works with no proxying:
RewriteCond %{LA-U:REMOTE_USER} "user" [NC]
RewriteRule ^.*$ - [F,L]
The above does NOT work with proxying.
I would like to match an authenticated user via basic auth.
The X-Remote-User header is being passed to Splunk (SSO debug confirms this).
I have tried using several headers like HTTP_X_REMOTE_USER but still no joy. I don't know enough to see what's going on via ProxyPass etc. Have checked trace rewrite log and enabled forensic log but nothing. Seems the variable is not known in the proxy rewrite environment and the entire block is skipped.
Is my approach wrong? Can I do this another way?
ProxyRequests Off
ProxyPreserveHost Of
ProxyPass /sh 127.0.0.1:8000/sh ProxyPassReverse /sh 127.0.0.1:8000/sh RewriteEngine On
RequestHeader set X-Remote-User %{REMOTE_USER}s
RewriteCond %{LA-U:REMOTE_USER} "user" [NC]
RewriteRule ^.*$ - [F,L]
More posts by @Pierce454
1 Comments
Sorted by latest first Latest Oldest Best
Not quite sure what you mean, however....
I have tried using several headers like HTTP_X_REMOTE_USER
HTTP_X_REMOTE_USER isn't an HTTP request header. That looks like the corresponding index that PHP creates in the $_SERVER superglobal for an HTTP header of the form X-Remote-User.
To match an HTTP request header using mod_rewrite in .htaccess you can do use the %{HTTP:Http-Request-Header} syntax. For example:
RewriteCond %{HTTP:X-Remote-User} "user" [NC]
RewriteRule ^ - [F]
^.*$ is the same as simply ^. No need for the L flag when using F (it is implied).
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2025 All Rights reserved.