BOE, Apache reverse proxy, authentication?

Greetings,

I have been reading a fair amount of details surrounding BOE 4 and authentication. What I would like to acheive is the following scenario:

Apache frontend / reverse proxy

BOE 4 (running on Tomcat 6) as the backend.

I would like the frontend apache to handle the authentication, and the backend to trust it.

Is this possible?

The reading I have done leads me to looking at trusted.auth.user.retrieval=REMOTE_USER

I'm not sure if this is the right direction or not.

So, I expanded on it a little by creating a secret key.

I set global.properties to:

sso.enabled=true

trusted.auth.user.retrieval=REMOTE_USER

trusted.auth.shared.secret=<secret key>

But, standalone that did not seem to pass authentication through to the application (at least not the launchpad)

Thanks for any input!

Jason