Unset REMOTE_USER header before setting. Shouldn't be needed but just in case.

pull/7/head
Ferry Boender 8 years ago
parent 239d308d56
commit a8425a57a6
  1. 5
      doc/MANUAL.md

@ -1239,8 +1239,6 @@ LDAP or OpenID (SSO) authentication.
You must pass the `REMOTE_USER` header (not environment variable!) to You must pass the `REMOTE_USER` header (not environment variable!) to
Scriptform to get this working. For example, in Apache: Scriptform to get this working. For example, in Apache:
RequestHeader set REMOTE_USER %{REMOTE_USER}s
Redirect permanent /scriptform /scriptform/ Redirect permanent /scriptform /scriptform/
ProxyPass /scriptform/ http://localhost:8081/ ProxyPass /scriptform/ http://localhost:8081/
ProxyPassReverse /scriptform/ http://localhost:8081/ ProxyPassReverse /scriptform/ http://localhost:8081/
@ -1251,6 +1249,9 @@ Scriptform to get this working. For example, in Apache:
AuthBasicProvider file AuthBasicProvider file
AuthUserFile "/var/www/users" AuthUserFile "/var/www/users"
Require valid-user Require valid-user
Header unset REMOTE_USER
RequestHeader set REMOTE_USER %{REMOTE_USER}s
</Location> </Location>
If such a header is seen, Scriptform won't perform validation of the password If such a header is seen, Scriptform won't perform validation of the password

Loading…
Cancel
Save