How do I pass the HTTP username from Apache to Mongrel/Rails?

The goal: running a Rails application on Mongrels, allowing access through Apache after d开发者_运维问答oing basic HTTP Authentication

The problem: reading the supplied username from within Rails

Apache:

<Proxy balancer://mongrel_cluster>
    BalancerMember http://127.0.0.1:4001
    # ...

    Order deny,allow
    Deny from all

    AuthType Basic
    AuthName "<realm>"
    AuthUserFile "<users-file>"
    AuthGroupFile "<groups-file>"
    Require group <group>

    Satisfy Any
</Proxy>

RewriteEngine On
# ...
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://mongrel_cluster%{REQUEST_URI} [P,QSA,L]

That works just fine, Apache forces the user to authenticate and forwards to Rails if successful. I omitted a few lines for handling static files and such, and triggering authentication for them as well.

The environment variables from Rails' perspective contain the usual entries and additionally HTTP_X_FORWARDED_HOST, HTTP_X_FORWARDED_SERVER and HTTP_X_FORWARDED_FOR. I was unable to pass custom environment variables by adding them to the rewrite rule:

RewriteRule ... [P,QSA,L,E=foo:bar]

Any thoughts?

---

Try using the RequestHeader directive to put REMOTE_USER in an HTTP header. This seems to have worked for the folks in this thread:

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e