This is an old revision of the document!
ADUCID offers No—code integration as default authentication method. It is implemented a set of modules including Apache web server and ADUCID core components. As result, target application receives user login name in http header (e.g. REMOTE_USER).
User ID is sent to application in header attribute - REMOTE_USER In ADUCID AIM it is called UDI As we use Apache you can rename it to anything else - some applications use x-forwarded-user or other user ID
Apache has to be accessible only via TLS (https) Back-end application has to be separated and accessible only from Apache (http, ajp, …) Headers from client are not transported to the back-end as ProxyPass is used (unless you configure Apache to do it)
So if users sents REMOTE_USER to Apache, it is wiped out