[3507] in WWW Security List Archive
Re: REMOTE_USER
daemon@ATHENA.MIT.EDU (Brian W. Spolarich)
Sat Nov 9 14:05:06 1996
Date: Sat, 9 Nov 1996 11:16:29 -0500 (EST)
From: "Brian W. Spolarich" <briansp@ans.net>
To: Andrea Di Fabio <fabio@cs.odu.edu>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.3.91.961108141853.27659A-100000@pitfall.cs.odu.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
On Fri, 8 Nov 1996, Andrea Di Fabio wrote:
| Has anyone successfully got this ENV variable to return something ??
| If so, let me know how.
|
| I have also tried to runas the apache 1.1.1 server from inetd,
| and got the username to appear in the tcpwrappers ... but I did
| not have any luck with SSI or CGI $ENV{'REMOTE_USER'}
REMOTE_USER is set to the username for which the client successfully
authenticated during the HTTP Basic authentication handshake.
REMOTE_USER is only set when the user has authenticated. If REMOTE_USER
is not set, the the connection did not require an authentication
handshake.
You will need to configure your HTTP server to require authentication
for the CGI program in order for this to work.
-brian
--
Brian W. Spolarich - ANS Systems Development - briansp@ans.net - 313-677-7311
The net has fall'n upon me! I shall perish...
