I am currently attempting to migrate an existing system which is built on the Sun web proxy server and the Sun web server to the Apache web server. The proxy portion will remain on Sun until proxy appliances are obtained and installed, so all I'm dealing with now is the move to Apache HTTPD.
The current system has user access control that is completely based on the proxy server and acls therein. This means that users log into the proxy, but there is no login requirement on the web servers. There are a number of cgi scripts which need to get the user name to operate correctly. Currently the environment variable HTTP_PROXY_AUTHORIZATION is used to obtain this information, however from what I can find this is not passed by Apache to the scripts. I understand the security issue with this as it contains the password as well, which I don't need. Is there a way to get at least the user name that is passed by the proxy server. I'm sure I'm missing something simple here, but I just can't seem to find it. Thanks, Terry
