We are using shibboleth for authentication. Our shibboleth Service provider is running on a host that is running apache with reverse proxy configuration (mod_proxy). The applications using shibboleth are running in the backend, no SP is installed on these servers. We are getting all shibboleth headers on the backend servers.
Now I need the REMOTE_USER variable that is filled by shibboleth authentication on the proxy server to be available on the backend server. I"ve managed to get the value into HTTP_REMOTE_USER and pass it on the the backend servers but i'm struggling to put this value into REMOTE_USER on the backend server.
I would like to know what the difference is between HTTP_REMOTE_USER and REMOTE_USER and how to manipulate REMOTE_USER from the apache config without doing actual authentication.
Best Answer
I wanted to do exactly the same as you with shibboleth. But unfortunately I found this on the corresponding apache docs. REMOTE_USER is part of the CGI standard therefore cannot be modified with apache directives.