I need to change the way we authenticate a django application.
Currently we authenticate by an apache module which sets the REMOTE_USER header and passes it to the python app in the environment of mod_wsgi.
The new approach will be to use an app gateway. The gateway works like a reverse proxy and intercept requests to the application. The app gateway authenticates the user and if succesful forwards the request to our application with the REMOTE_USER header set.
The problem with this approach is that mod_wsgi will drop that header.Continue reading Passing REMOTE_USER through mod_WSGI