[PATCH] mod_auth_ntlm_winbind - support for REMOTE_USER
lookahead when reverse proxy
Gerald (Jerry) Carter
jerry at samba.org
Tue Sep 23 23:57:12 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks Michael, I'll try to review this some this week.
cheers, jerry
Michael Baltaks wrote:
> Hi,
>
> Here is a patch that adds two things to mod_auth_ntlm_winbind, and has
> been in production use on my server for over a year.
>
> 1) Allows using %{LA-U:REMOTE_USER} in rewrite rules when in reverse
> proxy mode and authenticating with mod_auth_ntlm_winbind, useful for
> letting httpd handle Active Directory authentication, and then pass the
> user name to a backend server like zope/plone.
>
> 2) Adds two extra options to the config, [NTLMOmitDomain] allowing the
> omission of the domain part of the username, and [NTLMDomainSeparator]
> setting a separator for domain and username (so you can match the
> winbind separator setting).
>
> -Michael.
>
- --
=====================================================================
Samba ------- http://www.samba.org
Likewise Software --------- http://www.likewisesoftware.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFI2YJYIR7qMdg1EfYRAinTAKDYkZNnSyqMhXP5ipHjxVe3haS9GwCg7hn/
9CLLmO5HbWmxR4GrGPBnIA4=
=tQs9
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list