Skip to content

slapos
slapos
Commit d83217b9 authored by Rafael Monnerat's avatar Rafael Monnerat
1 Browse files
Options

Revert "erp5: backend apache must not handle Remote-User" 

This reverts commit 1bd75eee.
parent e6b0a89a
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 1 deletion
stack/erp5/buildout.hash.cfg
View file @ d83217b9
......@@ -94,7 +94,7 @@ md5sum = 0fad9497da12ed0186dca5236c23f3a7
[template-haproxy-cfg]
filename = haproxy.cfg.in
md5sum = 50c72e1934e589b0e26918cc53ee1fc0
md5sum = 2cd76971b64b0bf7771978ad07bfc2e5
[template-rsyslogd-cfg]
filename = rsyslogd.cfg.in
......
stack/erp5/haproxy.cfg.in
View file @ d83217b9
......@@ -192,6 +192,9 @@ listen {{ name }}
# remove X-Forwarded-For unless client presented a verified certificate
http-request del-header X-Forwarded-For unless { ssl_c_verify 0 } { ssl_c_used 1 }
# set Remote-User if client presented a verified certificate
http-request del-header Remote-User
http-request set-header Remote-User %{+Q}[ssl_c_s_dn(cn)] if { ssl_c_verify 0 } { ssl_c_used 1 }
# reject invalid host header before using it in path
http-request deny deny_status 400 if { req.hdr(host) -m sub / }
......
  • Rafael Monnerat @rafael ·
    Owner

    I reverted 1bd75eee, because it was pushed by mistake. Sorry about that.

    This commit is part of: !1381 and it has to be reviewed properly.

Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7