Setting values for authenticated users

Centrify for Apache uses the following environment variables or HTTP header names to set values for authenticated user information.

Note: Use the SetAuthUserInfo directive to specify whether to set authenticated user information in HTTP headers or in environment variables.

This environment variable or HTTP header name	Is set to
REQUEST_AUTH_METHOD	The types of authentication to enable. The valid types are: Basic Kerberos NTLM PAM ADFS (Active Directory Federation Services - not described in this book.) The types are not mutually exclusive so more than one type may be enabled. For example: REQUEST_AUTH_METHOD=basic, kerberos,Ntlm
IDENTITY	The Universal Principal Name (UPN) of the authenticated user. For example: IDENTITY=john.doe@acme.com
IDENTITY_TYPE	The type of the identity claim provided by the IDENTITY variable. For authenticated user information, the only valid identity type is UPN. For example: IDENTITY_TYPE=UPN
REMOTE_USERNAME	The authenticated user’s samAccountName from Active Directory. The samAccountName supports pre‑Windows 2000 logon names. For example: REMOTE_USERNAME=ACME\john.doe
REMOTE_UPN	The Universal Principal Name (UPN) of the authenticated user. For example: IDENTITY=john.doe@acme.com
CUSTOM_ATTR_attr-name	The value of the user's LDAP attr-name attribute if non-empty. You can configure the LDAP attributes to fetch for the user by using the CustomAttributes directive.