[Bug] Header Variable authentication does not work

[crackytsi]

Bug

Work Environment

Question	Answer
OS version (server)	Debian
OS version (client)	10
TheHive version / git hash	4 RC1
Package Type	DEB

Problem Description

Header Variable Authentication does not work as Expected.
My Auth-Config is:

auth {
  providers = [
    {name: session}
    {name: header, userHeader:THEHIVE_USER}
    {name: key}
    {name: local}
  ]
}

I can not see any error message or the authenticated user.
Actually my reverse proxy are the same as in TheHive , there I just had an entry like this:
header.name = THEHIVE_USER

The username is lowercased.

Steps to Reproduce

1. Configure header variable authentication
2. Try to authenticate using the header

[To-om]

@crackytsi I can't reproduce the problem. The user name is case sensitive.

[crackytsi]

Hi @To-om
Is there any difference regarding the TheHive3.4 parameter:
header.name = THEHIVE_USER
?

I don't know, but it does not work.
Do I have any debugging possibilities?

[crackytsi]

Btw:
Making the login name case sensitive is very uncommon.
Especially Email is a case-insensitive, means email is received if you send it to someone@example.com or someOne@exAMPle.coM

[To-om]

I'll lowercase user logins. This will solve case sensitivity.

Regarding authentication with header, I use this command: curl -H 'THEHIVE_USER: myuser@thehive.local' http://127.0.0.1:9000/api/user/current

Note that if you have set auth.defaultUserDomain in configuration (the default value is thehive.local) you can omit the domain in the login: curl -H 'THEHIVE_USER: myuser' http://127.0.0.1:9000/api/user/current

[crackytsi]

@To-om Thanks a lot!!! Thats very nice :) :)
I double-checked it and you are right, my lowercasing did not work correctly on reverse proxy.

Thanks a lot also for your lowercasing, we can close this topic now :)

[To-om]

thank you for your feedback.