[Xymon] transform REMOTE_USER for display purposes?
ralphmitchell at gmail.com
Sun Aug 3 08:07:35 CEST 2014
I found that Apache breaks out client certificate information so this is
handed to the cgi scripts in the environment:
I still have the big ugly DN string in the passwd file for FakeBasicAuth to
work, but with this:
in /home/xymon/server/etc/cgioptions.cfg, at least the shorter name is used
for the web pages where a test is acked or disabled.
On Sat, Aug 2, 2014 at 8:12 PM, Richard L. Hamilton <rlhamil2 at gmail.com>
> There are those who have asked for a way to transform the REMOTE_USER
> variable when it's used for display purposes (like in the enadis.sh CGI
> program). This can be perhaps more desirable when client certs are used
> with +FakeBasicAuth; the rather long identifying strings then used in the
> xymonpasswd (or comparable) file are a bit ugly.
> AFAIK, Apache's mod_env will not modify standard CGI environment
> variables; so the CGI's would have to do it. If they checked if some
> optional RE was in a config file, they could use that to convert
> REMOTE_USER into something better suited to display than e.g.
> /CN=CAcert WoT User/emailAddress=johndoe at nobody.com
> (trivial example of what a free cert from CAcert might show up as); or
> there could be a file that just mapped REMOTE_USER values to display names.
> Overkill, or worthwhile? :-)
> Xymon mailing list
> Xymon at xymon.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon