Cgi.auth_user in 6.0.1.83

cgi.auth_user is empty when using 6.0.1.83.

We have lucee behind IIS using CommandBox/BonCode. It used to work in 6.0.1.0.

Any others experiencing the same issue?

It seems that, it wasn’t issue. remote_user and the auth_user are mapped to the same key, so it returns the same value.
Related ticket : [LDEV-4126] - Lucee

if (key.equals(KeyConstants._auth_user)) return store(key, toString(req.getRemoteUser()));

We updated the fix on 6.0.1.63 version.
Is this are you trying to say? If not, could you please explain the issue

1 Like

IIS docs also says auth_user and remote_user should be the same: IIS Server Variables | Microsoft Learn

However, on 6.0.1.0, cgi.auth_user actually returns the authenticated user but cgi.remote_user is empty.

The code change on [LDEV-4126] - Lucee forces auth_user to just use remote_user. So both are the same but now they are both empty. There’s no way to get the authenticated user.