I'm trying to install Galaxy behind an Apache proxy using mod_auth_cas for user authentication. I've got a ways in but am now stuck with galaxy not getting the REMOTE_USER. Has anyone deployed with this module? I have use_remote_user = true on in my universe_wsgi.ini along with a valid maildomain. Here's my apache config: NameVirtualHost galaxy.utah.edu:80 NameVirtualHost galaxy.utah.edu:443 CASLoginURL https://go.utah.edu/cas/login CASValidateURL https://go.utah.edu/cas/serviceValidate CASValidateServer Off CASAllowWildcardCert On CASCertificatePath /etc/pki/tls/certs/ca-bundle.trust.crt CASCookiePath /var/run/mod_auth_cas/ CASTimeout 3600 CASIdleTimeout 1800 CASDebug On <VirtualHost 155.101.xx.40:80> RedirectPermanent / https://galaxy.utah.edu/ </VirtualHost> <VirtualHost galaxy.utah.edu:443> SSLEngine on SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite HIGH:-aNULL:-eNULL # Export the SSL environment variables to scripts <Files ~ "\.(cgi|pl|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> # Protocol adjustments for broken clients SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 SSLCertificateFile /etc/pki/tls/certs/wildcard.utah.edu.crt SSLCertificateKeyFile /etc/pki/tls/certs/wildcard.utah.edu.key SSLCertificateChainFile /etc/pki/tls/certs/gd_bundle.crt <Proxy http://localhost:8080> Order deny,allow Allow from all </Proxy> RewriteEngine on <Location "/"> AuthType CAS AuthName Galaxy Require valid-user # CASAuthNHeader REMOTE_SHMUSER # Take the $REMOTE_USER environment variable and set it as a header in the proxy request. RewriteCond %{IS_SUBREQ} ^false$ RewriteCond %{LA-U:REMOTE_USER} (.+) # RewriteCond %{LA-U:REMOTE_SHMUSER} (.+) RewriteRule . - [E=RU:%1] RequestHeader set REMOTE_USER %{RU}e XSendFile on XSendFilePath / # Compress all uncompressed content. SetOutputFilter DEFLATE SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \.(?:t?gz|zip|bz2)$ no-gzip dont-vary SetEnvIfNoCase Request_URI /history/export_archive no-gzip dont-vary RequestHeader set X-URL-SCHEME https </Location> <Location "/static"> # Allow browsers to cache everything from /static for 6 hours ExpiresActive On ExpiresDefault "access plus 6 hours" </Location> ServerName galaxy.utah.edu RewriteRule ^/static/style/(.*) /uufs/utah.edu/sys/pkg/galaxy/std/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /uufs/utah.edu/sys/pkg/galaxy/std/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /uufs/utah.edu/sys/pkg/galaxy/std/static/$1 [L] RewriteRule ^/favicon.ico /uufs/utah.edu/sys/pkg/galaxy/std/static/favicon.ico [L] RewriteRule ^/robots.txt /uufs/utah.edu/sys/pkg/galaxy/std/static/robots.txt [L] RewriteRule ^(.*) http://localhost:8080$1 [P] </VirtualHost> Any help is appreciated. Steve Harper Systems Administrator Center for High Performance Computing University of Utah