From a8425a57a6e62d5dd63f27defb4fee0180219f94 Mon Sep 17 00:00:00 2001
From: Ferry Boender <ferry.boender@electricmonk.nl>
Date: Sun, 30 Apr 2017 22:20:29 +0200
Subject: [PATCH] Unset REMOTE_USER header before setting. Shouldn't be needed
 but just in case.

---
 doc/MANUAL.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/MANUAL.md b/doc/MANUAL.md
index 4d39906..fa6e157 100644
--- a/doc/MANUAL.md
+++ b/doc/MANUAL.md
@@ -1239,8 +1239,6 @@ LDAP or OpenID (SSO) authentication.
 You must pass the `REMOTE_USER` header (not environment variable!) to
 Scriptform to get this working. For example, in Apache:
 
-    RequestHeader set REMOTE_USER %{REMOTE_USER}s
-
     Redirect permanent /scriptform /scriptform/
     ProxyPass /scriptform/ http://localhost:8081/
     ProxyPassReverse /scriptform/ http://localhost:8081/
@@ -1251,6 +1249,9 @@ Scriptform to get this working. For example, in Apache:
         AuthBasicProvider file
         AuthUserFile "/var/www/users"
         Require valid-user
+
+        Header unset REMOTE_USER
+        RequestHeader set REMOTE_USER %{REMOTE_USER}s
     </Location>
 
 If such a header is seen, Scriptform won't perform validation of the password