I have setup haproxy to use a userlist and groups to add basic authentication to a local service which doesn’t have this functionality. Everything is working as expected, but I don’t see how to capture the username that was authenticated so I can add it to the logs. Is this possible to do?
Well, we need a converter to decode base64 and it currently does not exist. We may write one, doesn’t sound that complicated.
There is a dirty workaround: store in a map file the content of the Authorization header encoded in base 64 as the key and the user name as the value.
Then you would be able to do
%[req.hdr(Authorization),map(your_map_file.map)]
And your mapfile would contain something like:
YWRtaW46YWRtaW4K admin
dXNlcjE6bXlwYXNzd29yZAo= user1
etc…