1

I have the following Apache config:

Alias /HelpdeskSignIn/ /opt/HelpdeskSignIn/web/
    <Location /HelpdeskSignIn/>
            Order allow,deny
            Allow from all
            RewriteEngine On
            RewriteCond %{REQUEST_FILENAME} !-f
            RewriteRule ^(.*) app.php [E=RU:%1,QSA,L]
            RequestHeader set REMOTE_USER %{RU}e
            RedirectMatch permanent ^/app\.php/(.*) /$1
    </Location>
    <Location /HelpdeskSignIn/cccs>
            AuthType CAS
            Require valid-user
    </Location>

The root of the app does not need authentication, but if someone goes to a sub directory of that it needs to be authenticated. If I require a valid CAS user on the whole thing and check the value with PHP it works, but when I try the code above the REMOTE_USER is always empty when hitting PHP code within /cccs. I've tried a few ways of passing that environment variable on the rewrite, but it doesn't seem to work. Is this possible or is there a better way of doing it?

Zarathuztra
  • 3,215
  • 1
  • 20
  • 34
Tyler
  • 1,291
  • 1
  • 13
  • 20
  • 1
    Probably depends on the SAPI. But mod_rewrite itself also renames some CGI environment [vars to `REDIRECT_foo_bar`](http://stackoverflow.com/questions/3050444/when-setting-environment-variables-in-apache-rewriterule-directives-what-causes). – mario Aug 22 '15 at 22:47
  • @mario: I had NO idea some environments use REDIRECT_ to prefix env variables after a redirect. I tend to use nginx with php-fpm and fastCGI. Redirecting is not an issue with the frameworks I use. On this setup I am forced to work with what server was provided. It is Apache2 with the standard PHP5 module. I didn't even think to echo out all the _SERVER variables to see what there was... I'm a poor debugger I guess. THANKS AGAIN! – Tyler Aug 23 '15 at 01:58

1 Answers1

1

@mario had the answer! My issue was I kept trying to set the variable on the rewrite, but what I didn't care how I got the value... I did not know that it was possible it was set to REDIRECT_REMOTE_USER, which it was.

For what its worth, using redirects with nginx and php-fpm and fastCGI this does not happen with frameworks. In my case, I was using a framework.

This is a somewhat similar question that didn't come up in ANY of my searches as I wasn't Googling correctly: has some useful info on the subject: Accessing REMOTE_USER from PHP/CakePHP

Community
  • 1
  • 1
Tyler
  • 1,291
  • 1
  • 13
  • 20