Commit aaac476c authored by Rafael Monnerat's avatar Rafael Monnerat

Do not unset Remote-User on the frontend

  The Remote User is managed on the backend apache which will unset it anyway.
parent 78407e48
...@@ -14,5 +14,5 @@ ...@@ -14,5 +14,5 @@
# not need these here). # not need these here).
[template-apache-backend-conf] [template-apache-backend-conf]
filename = apache-backend.conf.in filename = apache-backend.conf.in
md5sum = 84d43d3535ffc67f677710b1d97e19aa md5sum = bb8c175a93336f0e1838fd47225426f9
...@@ -18,7 +18,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e ...@@ -18,7 +18,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg filename = instance-apache-frontend.cfg
md5sum = a6b566a29f1b5021d0f1f3c4fa20d749 md5sum = d6398d727eb1e1bc3df1768a9b9a7e0c
[template-apache-replicate] [template-apache-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
...@@ -38,7 +38,7 @@ md5sum = 665e83d660c9b779249b2179d7ce4b4e ...@@ -38,7 +38,7 @@ md5sum = 665e83d660c9b779249b2179d7ce4b4e
[template-apache-frontend-configuration] [template-apache-frontend-configuration]
filename = templates/apache.conf.in filename = templates/apache.conf.in
md5sum = 05239181f4d5d0e3fe6bccda587fa9a5 md5sum = b666d7c4a5c1fd8020713aa53b44a386
[template-custom-slave-list] [template-custom-slave-list]
filename = templates/apache-custom-slave-list.cfg.in filename = templates/apache-custom-slave-list.cfg.in
......
...@@ -20,9 +20,6 @@ TypesConfig {{ httpd_home }}/conf/mime.types ...@@ -20,9 +20,6 @@ TypesConfig {{ httpd_home }}/conf/mime.types
AddType application/x-compress .Z AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz AddType application/x-gzip .gz .tgz
# As backend is trusting Remote-User header unset it always
RequestHeader unset Remote-User
ServerTokens Prod ServerTokens Prod
# Disable TRACE Method # Disable TRACE Method
......
...@@ -54,11 +54,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b ...@@ -54,11 +54,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in filename = templates/default-virtualhost.conf.in
md5sum = 2694992850b565edebf11dae62f032c7 md5sum = 8198e3ad06a4d6c750d22d8cf854fa41
[template-cached-slave-virtualhost] [template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in filename = templates/cached-virtualhost.conf.in
md5sum = 434ff5db37b6b980713b03a37eed928a md5sum = db68c015f1ac06d74f9373f6f846577d
[template-log-access] [template-log-access]
filename = templates/template-log-access.conf.in filename = templates/template-log-access.conf.in
......
...@@ -21,8 +21,6 @@ ...@@ -21,8 +21,6 @@
proxy / {{ slave_parameter.get('backend_url', '') }} { proxy / {{ slave_parameter.get('backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms try_interval {{ slave_parameter['proxy_try_interval'] }}ms
# As backend is trusting Remote-User header unset it always
header_upstream -Remote-User
transparent transparent
timeout 600s timeout 600s
...@@ -49,8 +47,6 @@ ...@@ -49,8 +47,6 @@
proxy / {{ slave_parameter.get('https_backend_url', '') }} { proxy / {{ slave_parameter.get('https_backend_url', '') }} {
try_duration {{ slave_parameter['proxy_try_duration'] }}s try_duration {{ slave_parameter['proxy_try_duration'] }}s
try_interval {{ slave_parameter['proxy_try_interval'] }}ms try_interval {{ slave_parameter['proxy_try_interval'] }}ms
# As backend is trusting Remote-User header unset it always
header_upstream -Remote-User
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
......
...@@ -108,8 +108,6 @@ ...@@ -108,8 +108,6 @@
without /prefer-gzip without /prefer-gzip
header_upstream Accept-Encoding gzip header_upstream Accept-Encoding gzip
{%- endif %} {#- if proxy_name == 'prefer-gzip' #} {%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting Remote-User header unset it always
header_upstream -Remote-User
{%- for disabled_cookie in disabled_cookie_list %} {%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies # Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3" header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
...@@ -245,8 +243,6 @@ ...@@ -245,8 +243,6 @@
without /prefer-gzip without /prefer-gzip
header_upstream Accept-Encoding gzip header_upstream Accept-Encoding gzip
{%- endif %} {#- if proxy_name == 'prefer-gzip' #} {%- endif %} {#- if proxy_name == 'prefer-gzip' #}
# As backend is trusting Remote-User header unset it always
header_upstream -Remote-User
{%- for disabled_cookie in disabled_cookie_list %} {%- for disabled_cookie in disabled_cookie_list %}
# Remove cookie {{ disabled_cookie }} from client Cookies # Remove cookie {{ disabled_cookie }} from client Cookies
header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3" header_upstream Cookie "(.*)(^{{ disabled_cookie }}=[^;]*; |; {{ disabled_cookie }}=[^;]*|^{{ disabled_cookie }}=[^;]*$)(.*)" "$1 $3"
......
...@@ -883,7 +883,6 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -883,7 +883,6 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
headers=None, cookies=None, source_ip=None): headers=None, cookies=None, source_ip=None):
if headers is None: if headers is None:
headers = {} headers = {}
headers.setdefault('Remote-User', 'SOME_REMOTE_USER')
# workaround request problem of setting Accept-Encoding # workaround request problem of setting Accept-Encoding
# https://github.com/requests/requests/issues/2234 # https://github.com/requests/requests/issues/2234
headers.setdefault('Accept-Encoding', 'dummy') headers.setdefault('Accept-Encoding', 'dummy')
...@@ -908,7 +907,6 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -908,7 +907,6 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
headers=None): headers=None):
if headers is None: if headers is None:
headers = {} headers = {}
headers.setdefault('Remote-User', 'SOME_REMOTE_USER')
# workaround request problem of setting Accept-Encoding # workaround request problem of setting Accept-Encoding
# https://github.com/requests/requests/issues/2234 # https://github.com/requests/requests/issues/2234
headers.setdefault('Accept-Encoding', 'dummy') headers.setdefault('Accept-Encoding', 'dummy')
...@@ -1475,7 +1473,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1475,7 +1473,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.instance_path, '*', 'var', 'log', 'httpd', '_empty_access_log' self.instance_path, '*', 'var', 'log', 'httpd', '_empty_access_log'
))[0] ))[0]
log_regexp = r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} - SOME_REMOTE_USER ' \ log_regexp = r'^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} - - ' \
r'\[\d{2}\/.{3}\/\d{4}\:\d{2}\:\d{2}\:\d{2} \+\d{4}\] ' \ r'\[\d{2}\/.{3}\/\d{4}\:\d{2}\:\d{2}\:\d{2} \+\d{4}\] ' \
r'"GET \/test-path HTTP\/1.1" 404 \d+ "-" '\ r'"GET \/test-path HTTP\/1.1" 404 \d+ "-" '\
r'"python-requests.*" \d+' r'"python-requests.*" \d+'
......
...@@ -22,4 +22,4 @@ md5sum = e8033d4fd7b6348b525a6148762ccdb4 ...@@ -22,4 +22,4 @@ md5sum = e8033d4fd7b6348b525a6148762ccdb4
[template-apache-backend-conf] [template-apache-backend-conf]
filename = apache-backend.conf.in filename = apache-backend.conf.in
md5sum = aff99c44ccf16eaa2ca25430d76d3bd6 md5sum = 48f086ce1acffca7bab942b43d856fb7
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment