-1

I had a working application which fetches the username after ldap authentication using request.getRemoteUser() in apache httpd.

Authentication is working because the redirection is happening to a backend tomcat server where application is hosted.But i am not able to get the username using request.getRemoteUser()

But after applying some sshd ciphers. The code is giving null as result.

I want to know what exactly has happened and how to bring changes to sshd so that my code will work like before.

NOTE: I noticed that some ports are also not working. But i am least concered about that. x11 something is also applied in the server. I am not sure.

Vinayak
  • 43
  • 5
  • You want to know _exactly_ what happened, but your description is all over: request.getRemoteUser is likely from tomcat, not apache http, and I don't see what relation sshd and X11 have to this topic. Also "some ports" and "not working" are extremely unspecific terms. Please read [ask] and edit your question with more clarity, correct or defend your tags as well. I'm tempted to remove at least [tag:apache] and [tag:http.conf] – Olaf Kock May 28 '22 at 18:00

1 Answers1

0

Found the exact issue after a long day.

The problem is that I had to shutdown ajp port. So when ajp port is closed, request.getRemoteUser() gives null because the headers are not passed to http port.

We have to manually add headers for it In the httpd configuration add these lines to add a header.

RewriteEngine On RewriteRule ^ - [E=MY_REMOTE_USER:%{LA-U:REMOTE_USER}] RequestHeader set X-Proxy-USER %{MY_REMOTE_USER}e

You can get the username in the application using request.getHeader("X-Proxy-USER")

Vinayak
  • 43
  • 5