[Catalyst] Catalyst with HTTP authentication
Robert Rothenberg
robrwo at gmail.com
Mon Mar 25 15:54:49 GMT 2013
On 25/03/13 14:08 Tomas Doran wrote:
>
> On 22 Mar 2013, at 13:34, Robert Rothenberg <robrwo at gmail.com> wrote:
>> I'm unsure what to do here. Should I write a Plack::Middleware plugin that
>> translates the X-Proxy-REMOTE_USER header to an env->{REMOTE_USER}?
>
>
> That's exactly what's needed here :)
Ok. After faffing about, I've figured it out. I've created a module
package Plack::Middleware::MyRemote;
use parent qw( Plack::Middleware );
use Plack::Util;
sub call {
my ($self, $env) = @_;
$env->{REMOTE_USER} = $env->{HTTP_X_PROXY_REMOTE_USER}
if ($env->{HTTP_X_PROXY_REMOTE_USER});
my $res = $self->app->($env);
return $res;
}
1;
and modified myapp.psgi to
use strict;
use warnings;
use MyApp;
use Plack::Builder;
my $app = Drain->apply_default_middlewares(Drain->psgi_app);
builder {
enable "Plack::Middleware::MyRemote";
$app;
};
that seems to work now.
In the Apache configuration, I need to add:
RequestHeader unset X-Proxy-REMOTE_USER
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Proxy-REMOTE_USER %{RU}e
along with the requirement to log in for the specific directory.
I'd suggest updating the documentation for A::C::Remote accordingly. (I can
do this if you point me in the direction of the git repo....)
This seems to work properly.
More information about the Catalyst
mailing list