Uploaded image for project: 'LDAP'
  1. LDAP
  2. LDAP-32

Allow using an HTTP header to provide the remote user

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 9.0.5
    • Fix Version/s: 9.1
    • Component/s: API
    • Labels:
      None
    • Similar issues:

      Description

      By default the remote user is obtained by using the HttpServletRequest#getRemoteUser() method which return the authenticated user from the container.
      By setting the xwiki.authentication.ldap.httpHeader variable, the remote user will be take from an HTTP header.
      The server administrator is responsible to ensure that this http header could not be forged, and this parameter is xwiki.cfg only to prevent malicious usage.

        Attachments

          Activity

            People

            Assignee:
            softec Denis Gervalle
            Reporter:
            softec Denis Gervalle
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: