Home / server / Questions / 49638
In Process
Guillaume
Asked: 2009-08-05 00:10:35 +0800 CST

Apache2 - mod_rewrite : RequestHeader and environment variables

  • 772

I try to get the value of the request parameter "authorization" and to store it in the header "Authorization" of the request.

The first rewrite rule works fine. In the second rewrite rule the value of $2 does not seem to be stored in the environement variable. As a consequence the request header "Authorization" is empty.

Any idea ? Thanks.

<VirtualHost *:8010>
  RewriteLog "/var/apache2/logs/rewrite.log"
  RewriteLogLevel 9
  RewriteEngine On
  RewriteRule ^/(.*)&authorization=@(.*)@(.*) http://<ip>:<port>/$1&authorization=@$2@$3 [L,P]
  RewriteRule ^/(.*)&authorization=@(.*)@(.*) - [E=AUTHORIZATION:$2,NE]
  RequestHeader add "Authorization" "%{AUTHORIZATION}e"
</VirtualHost>

I need to handle several cases because sometimes parameters are in the path and sometines they are in the query. Depending on the user. This last case fails. The header value for AUTHORIZATION looks empty.

# if the query string includes the authorization parameter
RewriteCond %{QUERY_STRING} ^(.*)authorization=@(.*)@(.*)$
# keep the value of the parameter in the AUTHORIZATION variable and redirect
RewriteRule ^/(.*) http://<ip>:<port>/ [E=AUTHORIZATION:%2,NE,L,P]
# add the value of AUTHORIZATION  in the header
RequestHeader add "Authorization" "%{AUTHORIZATION}e"
apache-2.2 mod-rewrite requestheader

3 Answers

  1. It looks like you've got the 'L' (last) flag on the first rule. Rule processing will stop there, and no more re-writing will happen. I don't think the second rule will ever be reached. Try removing the 'L' flag.

    Edit

    Oh, and you've got the 'P' (proxy) flag set, too. That will also stop rewrite rule processing at that point and force a proxy request through mod_proxy.

    Can you do it all in one rule, as the pattern match is the same. I'm not completely sure what you're after, but this might do it:

    RewriteRule ^/(.*)&authorization=@(.*)@(.*) http://<ip>:<port>/$1&authorization=@$2@$3 [E=AUTHORIZATION:$2,NE,L,P]

    Update

    Aha, I think I see what you are trying to do now. As soon as you specify the [P] in the flags, the proxy request happens at that point. If I read the question correctly, you want the AUTHORIZATION var passed in to that request, so you'll need to put that in before the [P]:

    # if the query string includes the authorization parameter
RewriteCond %{QUERY_STRING} ^(.*)authorization=@(.*)@(.*)$
RewriteRule ^/(.*) - [E=AUTHORIZATION:%2]
# add the value of AUTHORIZATION  in the header
RequestHeader add "Authorization" "%{AUTHORIZATION}e"
# keep the value of the parameter in the AUTHORIZATION variable and redirect
RewriteRule ^/(.*) http://<ip>:<port>/ [NE,L,P]

    Completely untested, but should do what you want - if I understand the question correctly.

    Apache Config Update

    Do you have AllowOverride FileInfo set for that directory in httpd.conf? If not, then you won't be able to use RequestHeader in .htaccess

    • 2

  2. I suspect you either can't override the Authorization header or that it's mangled later in the request process. As I'm sure you know, Authorization: is used for HTTP basic authentication so there's a good chance that something else is diddling it. Can you use a differently-named header?

    • 0

  3. Is there a reason you're using mod_rewrite for this and not mod_setenvif?

    http://httpd.apache.org/docs/current/mod/mod_setenvif.html#setenvif

    • 0