Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit d0c9ad9

Browse files
javiereguiluzjaviereguiluz
committed
Added a caution note about REMOTE_USER and user impersonation
1 parent 82ba7db commit d0c9ad9

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

cookbook/security/pre_authenticated.rst

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -151,3 +151,10 @@ key in the ``remote_user`` firewall configuration.
151151
Just like for X509 authentication, you will need to configure a "user provider".
152152
See :ref:`the previous note <cookbook-security-pre-authenticated-user-provider-note>`
153153
for more information.
154+
155+
.. caution::
156+
157+
:doc:`User impersonation <cookbook/security/impersonating_user>` is not
158+
compatible with ``REMOTE_USER`` based authentication. The reason is that
159+
impersonation requires the authentication state to be maintained server-side
160+
but ``REMOTE_USER`` information is sent by the browser in each request.

0 commit comments

Comments
 (0)