Comments (9)
AnthonyDeroche
commented on June 1, 2024
Hey,
Yes it is possible.
Whatever the module you use for authentication (files, databases, ...), it does not require to restart Apache if you add users.
All you have to do then is to get the folder (PATH_INFO) from the requested URL and compare it with the current authenticated user (REMOTE_USER).
from mod_authnz_jwt.
apishta
commented on June 1, 2024
Hi Anthony,
Thnx for your quick answer.
I don't have access to REMOTE_USER, actually, it is empty, because I don't use jwt-login-handler. I am using the JWT created by the external application.
Would be possible to make the following:
parse a folder name from PATH_INFO and compare it with the username from JWT
Require jwt-claim user=folder_name
?
Thank you very much.
from mod_authnz_jwt.
AnthonyDeroche
commented on June 1, 2024
The REMOTE_USER is set whatever you use the jwt-login-handler or not. After the signature check, the REMOTE_USER is extracted from the token claims (using AuthJWTAttributeUsername).
from mod_authnz_jwt.
AnthonyDeroche
commented on June 1, 2024
Did you finally succeed ?
from mod_authnz_jwt.
apishta
commented on June 1, 2024
I did not have time to work on this yet. Probably I will do it in the next weeks.
Thanks for asking.
from mod_authnz_jwt.
germainm
commented on June 1, 2024
The REMOTE_USER is set whatever you use the jwt-login-handler or not. After the signature check, the REMOTE_USER is extracted from the token claims (using AuthJWTAttributeUsername).
How can the client get REMOTE_USER ? I don't see that value returned. Only the json token is returned and some headers like Content-Type and Content-Length.
It probably has to do with apache Header module but I could not getting it to work .
from mod_authnz_jwt.
AnthonyDeroche
commented on June 1, 2024
The REMOTE_USER is usually not intended to the client but the to the backend application. The app may decode it and expose a service to get data.
If you need so, you can probably set a header in the response with the REMOTE_USER.
The following code allow you to add the header in the request.
For the response, you could try the same way with the "Header" directive.
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set X-Remote-User "%{RU}e" env=RU
from mod_authnz_jwt.
AnthonyDeroche
commented on June 1, 2024
Did everyone succeed to get the REMOTE_USER ?
from mod_authnz_jwt.
apishta
commented on June 1, 2024
I have decided to extend WebdavServlet on tomcat. That solution was a more suitable solution for my project.
from mod_authnz_jwt.
Related Issues (20)
- Centos issues with mod_authnz_jwt
- Invalid command 'AuthJWTDeliveryType' HOT 1
- How to implement in docker HOT 3
- Using with Docker HOT 1
- Module accepts any issuer and expiration HOT 3
- Incorrect call to ap_log_rerror()
- AuthJWTProvider ldap with Require ldap-group HOT 1
- Missing Authorization header even though one is set HOT 2
- AH55204: auth_jwt authn: the expected parameter user is missing, aborting authentication HOT 1
- Valid tokens stop being accepted HOT 1
- Just a question about /login HOT 4
- Erreneously complains: Decoding process has failed, token is either malformed or signature is invalid HOT 2
- Windows support? HOT 1
- Installation does not work on OpenSuse Leap 15.2 / 15.3 because of apache module naming glitch
- Supported version of mod_authnz_jwt HOT 2
- How do I forward to another page after login? HOT 1
- Duplicate requests and Index not working HOT 2
- Decoding process has failed, token is either malformed or signature is invalid
- We are able to generate the token but not able to set the required environment variables with data stored in DB. Used AuthJWTProvider dbd technique
- Error on libssl.so.1.1 with httpd:2.4.58 image HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mod_authnz_jwt.