ProxyPass http://127.0.0.1:3000 retry=0 disablereuse=On ProxyPassReverse http://127.0.0.1:3000/grafana RewriteEngine On RewriteRule .* - [E=PROXY_USER:%{LA-U:REMOTE_USER},NS] SetEnvIf Request_Protocol ^HTTPS.* IS_HTTPS=1 SetEnvIf Authorization "^.+$" IS_BASIC_AUTH=1 # without thruk cookie auth, use the proxy user from the rewrite rule above RequestHeader set X-WEBAUTH-USER "%{PROXY_USER}s" env=IS_HTTPS RequestHeader set X-WEBAUTH-USER "%{PROXY_USER}e" env=!IS_HTTPS # when thruk cookie auth is used, fallback to remote user directly RequestHeader set X-WEBAUTH-USER "%{REMOTE_USER}e" env=!IS_BASIC_AUTH RequestHeader unset Authorization