[Zope] Zope, Apache, REMOTE_USER

Robert Boyd robert.h.boyd at gmail.com
Wed Dec 21 09:08:36 EST 2005


> Regardless, REMOTE_USER is just an environment variable, and if you can
> *prove* it's being set in Apache but not passed to Zope, I'd be surprised.
>
> You can also use Apache directives to do this as well.  It's been a
> while but SetEnv does spring to mind...
>

It's an environment variable in the Authorization headers, which are
(in my limited knowledge) not treated the same as variables in request
headers. I have found no mention of how to achieve this in purely
redirect/proxy setups; only through CGI or CGI-like setups.

SetEnv does not work, at least not in the form
SetEnv REMOTE_USER %{REMOTE_USER} or
SetEnv REMOTE_USER %LA-U:{REMOTE_USER}

I also tried mod_headers to no avail.

Every example of Zope-Apache configuration that I've found so far says
that when needing to pass remote user, you cannot go with the
proxy/rewrite route. If anyone has a working config proving this
wrong, please enlighten me.

FWIW, my situation is a Shibboleth setup where I wrote a customized
Cookie Crumbler to recognize the identity of an authenticated user
requesting a Zope CMF site. It identifies the principal's user id
through REMOTE_USER.

FastCGI with Zope has been flakey for me in the past and therefore I'd
like to take it out of the equation.

Rob


More information about the Zope mailing list