Question
is it possible to pass Apache's REMOTE_USER from one Apache server to another?
My users are already authenticated in a web application on one Apache server, and now I want to redirect them to a different web application on another Apache server. The new web application requires REMOTE_USER to already be set on the second server.
It seems like this may be possible using RewriteCond. However, the examples I have seen all vary. I am having trouble understanding how I need to configure httpd.conf on each server.
Here is what I have so far:
Server A: (Where users are already authenticated)
https://stackoverflow.com/questions/21290809
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianAlias /apps C:\web\apps
#Authentication
<Directory C:\web\apps>
AllowOverride None
Order deny,allow
AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
AuthUserFile C:\web\passwd\passwords
Require valid-user
</Directory>
Server B: (Contains new web application requiring REMOTE_USER to be set)
Not sure what I need to do here. Or do I only have to
modify configuration on Server A?
Solution
is it possible to pass Apache's REMOTE_USER from one Apache server to another?
What do you think would happen if configure my .hpasswd file with a user littleK and password of my choice and then passed the request on to Stackoverflow?
That's just not how the web works. And one of the many reasons that Basic HTTP authentication is a really bad idea.
You need to go read up on authentication in web applications, state management and how HTTP handles cookies.
