Merge pull request #11 from Xenopathic/master
Allow fallback if proxy did not authenticate user, and trusted proxy auth setpull/67/head
commit
a942e96bee
|
@ -26,12 +26,23 @@ Alias /SOGo/WebServerResources/ \
|
|||
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
|
||||
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
|
||||
## below.
|
||||
#
|
||||
## For full proxy-side authentication:
|
||||
#<Location /SOGo>
|
||||
# AuthType XXX
|
||||
# Require valid-user
|
||||
# SetEnv proxy-nokeepalive 1
|
||||
# Allow from all
|
||||
#</Location>
|
||||
#
|
||||
## For proxy-side authentication only for CardDAV and GroupDAV from external
|
||||
## clients:
|
||||
#<Location /SOGo/dav>
|
||||
# AuthType XXX
|
||||
# Require valid-user
|
||||
# SetEnv proxy-nokeepalive 1
|
||||
# Allow from all
|
||||
#</Location>
|
||||
|
||||
ProxyRequests Off
|
||||
SetEnv proxy-nokeepalive 1
|
||||
|
@ -64,7 +75,8 @@ ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
|
|||
|
||||
## When using proxy-side autentication, you need to uncomment and
|
||||
## adjust the following line:
|
||||
# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
|
||||
RequestHeader unset "x-webobjects-remote-user"
|
||||
# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" env=REMOTE_USER
|
||||
|
||||
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
|
||||
|
||||
|
|
|
@ -283,7 +283,7 @@ static BOOL debugLeaks;
|
|||
{
|
||||
id authenticator;
|
||||
|
||||
if (trustProxyAuthentication)
|
||||
if (trustProxyAuthentication && [[context request] headerForKey: @"x-webobjects-remote-user"])
|
||||
authenticator = [SOGoProxyAuthenticator sharedSOGoProxyAuthenticator];
|
||||
else
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue