Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1mkjU7-0002DZ-Lg
	for pgadmin-hackers@arkaria.postgresql.org; Wed, 10 Nov 2021 09:01:35 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.92)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1mkjU5-0001dg-FB
	for pgadmin-hackers@arkaria.postgresql.org; Wed, 10 Nov 2021 09:01:33 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <khushboo.vashi@enterprisedb.com>)
	id 1mkjU4-0001dW-Jo
	for pgadmin-hackers@lists.postgresql.org; Wed, 10 Nov 2021 09:01:33 +0000
Received: from mail-lj1-x22b.google.com ([2a00:1450:4864:20::22b])
	by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128)
	(Exim 4.92)
	(envelope-from <khushboo.vashi@enterprisedb.com>)
	id 1mkjU1-0002wT-L0
	for pgadmin-hackers@postgresql.org; Wed, 10 Nov 2021 09:01:31 +0000
Received: by mail-lj1-x22b.google.com with SMTP id 1so3928337ljv.2
        for <pgadmin-hackers@postgresql.org>;
 Wed, 10 Nov 2021 01:01:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=enterprisedb.com; s=google;
        h=mime-version:from:date:message-id:subject:to;
        bh=N5ecUHiBn2j7rtHhcrKK7uNcFQLXH3KJf6XEZBCBQwA=;
        b=UUjQSlHbylmbxTfUZtOFjs1lBLH7Ayj9TOiSlWSTNQWAkX33gQaDiyt35uXNtYnVI3
         iY7PVJPABAO9RPwEa9KwjfIC64obWdy47Y9akk7z3Wm7LH9h1Zb9nc6lEwopSPrdHcVN
         /rvmyh6AHlQuHB/tKi7n6t4hO9tdI5EDKy/2RyZnfw7woum+J71+qObxWgjFpbTZUVXM
         SXF6KiTyFjaN7djntvtwMeoAj73pmvY+OpBslfOhE/URaLB/17T83J0ElaevkLYSD7Aj
         Kb72QrGNVNYYgrep07Zx5ZJ3AvjvXxlSEVe0CEu8MFWXxgJ7TdRAlULRLra2c/ztSjPM
         bVPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=N5ecUHiBn2j7rtHhcrKK7uNcFQLXH3KJf6XEZBCBQwA=;
        b=2fR28uIewaCy66Hh9ed2+QMcNDZJ+Q71VAor5mjTlRR1OcjcS4UADwMiFh/AW379WP
         MCuB6nf9S+bVpyy9Yf0FjTOEH8mChz+25RYLCbBapfTUsPzXG3QSE5mC5DCEs3dyEQBK
         FohJGZvGd/ag2KRdLbgVmCCrLd27g2pwpB+Xvor7crAlhCu7qpahsQGiJhNHuTHT0eEN
         5jISmtAGrwp4CVbh6FqwaVS8O8J9Q0xiT1Jav30E/VSDYr5/tCSQIUxwm/KReeUr0bbJ
         RL67PkNjlh/+qABnf6UBPWHwkPZQ03Ix7gIUschOiDCYu4A1W9SblMAY4JSLwv0q+4II
         ISSA==
X-Gm-Message-State: AOAM530ZpTZoBFt5WFkg0LM8F0W6YGZ4KKkV6IeoFjCBR2BC+VzdJ+Iu
	KjX4MD6BSKjl9a+Zpf9I2iL6JofIAqWwXwdjYEgLrHf9cP4z8zoXz7w36UPTAQ+drZY5cvUJo1M
	xwhRoRtqy51cSRzZoppop6pD7dlWJeDJv6sL7QKrlv9MXRfgadvAqmHdXn7brV+ylvhou9f2kqV
	KnBGxgq6pZuWtMdU2t1i7goa2Nzlp2WJ7Nxvdn2Cf1AdyzOVvkMhaTXWehX4cmfoUj4g==
X-Google-Smtp-Source: 
 ABdhPJyxYO12oXxXXMxPuH9I/C18Yc0PL++kl/46KKHbiIW/8jFLexzhKZuctrjf9uYzp6kRrl0w/s1rfOQN+KX0TlA=
X-Received: by 2002:a2e:8659:: with SMTP id
 i25mr14622796ljj.366.1636534886988;
 Wed, 10 Nov 2021 01:01:26 -0800 (PST)
MIME-Version: 1.0
From: Khushboo Vashi <khushboo.vashi@enterprisedb.com>
Date: Wed, 10 Nov 2021 14:31:15 +0530
Message-ID: 
 <CAFOhELda-+YpXUBTGqd9PWROSuxYMsKJC2bGz+tPcONrxUA63g@mail.gmail.com>
Subject: [pgAdmin4][Patch] - RM #6953 - Webserver Authentication enhancement
To: pgadmin-hackers <pgadmin-hackers@postgresql.org>
Content-Type: multipart/mixed; boundary="0000000000009a390f05d06b78ff"
X-CLOUD-SEC-AV-Info: enterprisedb,google_mail,monitor
X-CLOUD-SEC-AV-Sent: true
X-Gm-Spam: 0
X-Gm-Phishy: 0
List-Id: <pgadmin-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgadmin-hackers@lists.postgresql.org>
List-Owner: <mailto:pgadmin-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgadmin-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAFOhELda-%2BYpXUBTGqd9PWROSuxYMsKJC2bGz%2BtPcONrxUA63g%40mail.gmail.com>
Precedence: bulk

--0000000000009a390f05d06b78ff
Content-Type: multipart/alternative; boundary="0000000000009a390d05d06b78fd"

--0000000000009a390d05d06b78fd
Content-Type: text/plain; charset="UTF-8"

Hi,

Please find the attached patch for the RM # 6953 - Webserver
Authentication: Include headers coming from servers.

In the RM, 2 users have provided the solution, I have merged them.

As per the current behaviour, pgAdmin only considers the REMOTE_USER
environment variable (set by the webserver). In this patch, we have
introduced the WEBSERVER_REMOTE_USER config variable, so users can modify
it as per their environment. Also, we check for the environment as well as
request headers for the remote user details.

Thanks,
Khushboo

--0000000000009a390d05d06b78fd
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><font face=3D"arial, sans-serif" color=3D"#000000">Hi,</fo=
nt><div><font face=3D"arial, sans-serif" color=3D"#000000"><br></font></div=
><div><font face=3D"arial, sans-serif" color=3D"#000000">Please find the at=
tached patch for the RM # 6953 -=C2=A0</font><span style=3D"color:rgb(0,0,0=
);font-family:arial,sans-serif">Webserver Authentication: Include headers c=
oming from servers.</span></div><div class=3D"gmail-subject" style=3D""><di=
v style=3D""><span style=3D"color:rgb(0,0,0);font-family:arial,sans-serif">=
<br></span></div><div style=3D""><span style=3D"color:rgb(0,0,0);font-famil=
y:arial,sans-serif">In the RM, 2 users have provided the solution, I have m=
erged them.</span><br></div><div style=3D""><font face=3D"arial, sans-serif=
" color=3D"#000000"><br></font></div><div style=3D""><font color=3D"#000000=
" face=3D"arial, sans-serif">As per the current behaviour, pgAdmin only con=
siders the REMOTE_USER environment variable (set by the webserver). In this=
 patch, we have introduced the WEBSERVER_REMOTE_USER config variable, so us=
ers can modify it as per their environment. Also, we check for the environm=
ent as well as request headers for the remote user details.</font></div><di=
v style=3D""><font face=3D"arial, sans-serif" color=3D"#000000"><br></font>=
</div><div style=3D""><font face=3D"arial, sans-serif" color=3D"#000000">Th=
anks,</font></div><div style=3D""><font face=3D"arial, sans-serif" style=3D=
"" color=3D"#000000">Khushboo</font></div></div></div>

--0000000000009a390d05d06b78fd--

--0000000000009a390f05d06b78ff
Content-Type: application/octet-stream; name="RM_6953.patch"
Content-Disposition: attachment; filename="RM_6953.patch"
Content-Transfer-Encoding: base64
Content-ID: <f_kvtag1t50>
X-Attachment-Id: f_kvtag1t50

ZGlmZiAtLWdpdCBhL2RvY3MvZW5fVVMvd2Vic2VydmVyLnJzdCBiL2RvY3MvZW5fVVMvd2Vic2Vy
dmVyLnJzdAppbmRleCBhYmQwY2Y2YzQuLmM1NGMxNDE2NCAxMDA2NDQKLS0tIGEvZG9jcy9lbl9V
Uy93ZWJzZXJ2ZXIucnN0CisrKyBiL2RvY3MvZW5fVVMvd2Vic2VydmVyLnJzdApAQCAtMzIsNiAr
MzIsOSBAQCBhbmQgbW9kaWZ5IHRoZSB2YWx1ZXMgZm9yIHRoZSBmb2xsb3dpbmcgcGFyYW1ldGVy
czoKICAgICAiV0VCU0VSVkVSX0FVVE9fQ1JFQVRFX1VTRVIiLCAiU2V0IHRoZSB2YWx1ZSB0byAq
VHJ1ZSogaWYgeW91IHdhbnQgdG8gYXV0b21hdGljYWxseQogICAgIGNyZWF0ZSBhIHBnQWRtaW4g
dXNlciBjb3JyZXNwb25kaW5nIHRvIGEgc3VjY2Vzc2Z1bGx5IGF1dGhlbnRpY2F0ZWQgV2Vic2Vy
dmVyIHVzZXIuCiAgICAgUGxlYXNlIG5vdGUgdGhhdCBwYXNzd29yZCBpcyBub3Qgc3RvcmVkIGlu
IHRoZSBwZ0FkbWluIGRhdGFiYXNlLiIKKyAgICAiV0VCU0VSVkVSX1JFTU9URV9VU0VSIiwgIlRo
ZSBkZWZhdWx0IHZhbHVlIGlzIFJFTU9URV9VU0VSLCBzZXQgdGhpcyB2YXJpYWJsZSB0byBhbnkg
aGVhZGVyCisgICAgb3IgZW52aXJvbmVtbnQgdmFyaWFibGUgdG8gZ2V0IHRoZSB3ZWJzZXJ2ZXIg
cmVtb3RlIHVzZXIgZGV0YWlscy4gUG9zc2libGUgdmFsdWVzOiBSRU1PVEVfVVNFUiwKKyAgICBI
VFRQX1hfRk9SV0FSREVEX1VTRVIsIFgtRm9yd2FyZGVkLVVzZXIuIgogCiAKIE1hc3RlciBQYXNz
d29yZApkaWZmIC0tZ2l0IGEvd2ViL2NvbmZpZy5weSBiL3dlYi9jb25maWcucHkKaW5kZXggYzc3
ZDkyZjkyLi4zM2IyNmZlZDUgMTAwNjQ0Ci0tLSBhL3dlYi9jb25maWcucHkKKysrIGIvd2ViL2Nv
bmZpZy5weQpAQCAtNzM2LDYgKzczNiwxMyBAQCBPQVVUSDJfQVVUT19DUkVBVEVfVVNFUiA9IFRy
dWUKIAogV0VCU0VSVkVSX0FVVE9fQ1JFQVRFX1VTRVIgPSBUcnVlCiAKKyMgUkVNT1RFX1VTRVIg
dmFyaWFibGUgd2lsbCBiZSB1c2VkIHRvIGNoZWNrIHRoZSBlbnZpcm9ubWVudCB2YXJpYWJsZQor
IyBpcyBzZXQgb3Igbm90IGZpcnN0LCBpZiBub3QgYXZhaWxhYmxlLAorIyByZXF1ZXN0IGhlYWRl
ciB3aWxsIGJlIGNoZWNrZWQgZm9yIHRoZSBzYW1lLgorIyBQb3NzaWJsZSB2YWx1ZXM6IFJFTU9U
RV9VU0VSLCBIVFRQX1hfRk9SV0FSREVEX1VTRVIsIFgtRm9yd2FyZGVkLVVzZXIKKworV0VCU0VS
VkVSX1JFTU9URV9VU0VSID0gJ1JFTU9URV9VU0VSJworCiAjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwogIyBQ
U1FMIHRvb2wgc2V0dGluZ3MKICMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCmRpZmYgLS1naXQgYS93ZWIvcGdh
ZG1pbi9hdXRoZW50aWNhdGUvd2Vic2VydmVyLnB5IGIvd2ViL3BnYWRtaW4vYXV0aGVudGljYXRl
L3dlYnNlcnZlci5weQppbmRleCA0N2FmOGJlY2QuLjRjODRmNzlhNCAxMDA2NDQKLS0tIGEvd2Vi
L3BnYWRtaW4vYXV0aGVudGljYXRlL3dlYnNlcnZlci5weQorKysgYi93ZWIvcGdhZG1pbi9hdXRo
ZW50aWNhdGUvd2Vic2VydmVyLnB5CkBAIC03Nyw3ICs3NywxMSBAQCBjbGFzcyBXZWJzZXJ2ZXJB
dXRoZW50aWNhdGlvbihCYXNlQXV0aGVudGljYXRpb24pOgogICAgICAgICByZXR1cm4gVHJ1ZQog
CiAgICAgZGVmIGdldF91c2VyKHNlbGYpOgotICAgICAgICByZXR1cm4gcmVxdWVzdC5lbnZpcm9u
LmdldCgnUkVNT1RFX1VTRVInKQorICAgICAgICB1c2VybmFtZSA9IHJlcXVlc3QuZW52aXJvbi5n
ZXQoY29uZmlnLldFQlNFUlZFUl9SRU1PVEVfVVNFUikKKyAgICAgICAgaWYgbm90IHVzZXJuYW1l
OgorICAgICAgICAgICAgIyBPbmUgbW9yZSB0cnkgdG8gZ2V0IHRoZSBSZW1vdGUgVXNlciBmcm9t
IHRoZSBoZWFyZGVycworICAgICAgICAgICAgdXNlcm5hbWUgPSByZXF1ZXN0LmhlYWRlcnMuZ2V0
KGNvbmZpZy5XRUJTRVJWRVJfUkVNT1RFX1VTRVIpCisgICAgICAgIHJldHVybiB1c2VybmFtZQog
CiAgICAgZGVmIGF1dGhlbnRpY2F0ZShzZWxmLCBmb3JtKToKICAgICAgICAgdXNlcm5hbWUgPSBz
ZWxmLmdldF91c2VyKCkK
--0000000000009a390f05d06b78ff--