Hi I'm trying to incorporate a software to our intranet services (BackupPc)
This Software uses the environment variable REMOTE_USER
to get the username. Placed under an Apache 2.2 server with Client certificate Authentication system and FakeBasicAuth
enabled, REMOTE_USER
gets the same value as SSL_CLIENT_S_DN
, which have all the distinguished name string of the certificate.
I'm trying to set REMOTE_USER
the contents of SSL_CLIENT_S_DN_CN
which has a content which matches with my usernames and easyer and shorter to read.
This environment variable passed to CGI can not be changed by SetEnv
and SetEnfIf
. There's also a mod_ssl directive, SSLUserName
but the Apache 2.2 official documentation says that it won't work with FakeBasicAuth enabled.
So I'm wondering if I'm missing something or there's a clever workarround on this issue.
I can't drop FakeBasicAuth because that's our authmodel on the rest of the intranet, And I dont want to patch the code of the application (I did it to get it working but I want to drop the patched code in favor of the official one)
It seems that
REMOTE_USER
cannot be modified by apache directives, so what about modifying BackupPc to useSSL_CLIENT_S_DN_CN
variable or to set the value ofREMOTE_USER
in its startup code?