whittet
asked on
Apache doesn't return REMOTE_USER variable
Ubuntu Linux 8.04 Apache 2.2 mod_auth_kerb php5 (non-cgi)
Apache's httpd.conf:
<Files ~ "^/WordPress/wp-admin/">
AuthType Kerberos
Require valid-user
</Files>
(SUCCESS) UnitTest1: kinit, klist both tested successfully as myUserName.
(SUCCESS) UnitTest2: Can access the files only when logged into Windows Vista as a Domain User.
(FAILURE) UnitTest3: phpinfo() function does not show an Apache REMOTE_USER variable.
Please share your knowledge of where my configuration is missing.
Apache's httpd.conf:
<Files ~ "^/WordPress/wp-admin/">
AuthType Kerberos
Require valid-user
</Files>
(SUCCESS) UnitTest1: kinit, klist both tested successfully as myUserName.
(SUCCESS) UnitTest2: Can access the files only when logged into Windows Vista as a Domain User.
(FAILURE) UnitTest3: phpinfo() function does not show an Apache REMOTE_USER variable.
Please share your knowledge of where my configuration is missing.
ASKER
As I tried to say above. The permissions piece works, but the REMOTE_USER has no value in phpinfo().
Here is my syntax.
<Directory /wordpress>
<IfModule mod_auth_kerb>
AuthType Kerberos
AuthName "MYDOMAIN Login"
KrbAuthRealms MYDOMAIN.LOCAL
KrbServiceName HTTP
Krb5Keytab /etc/krb5.keytab
KrbMethodNegotiate on
KrbMethodK5Passwd off
KrbSaveCredentials on
KrbAuthoritative on
</IfModule>
<Files ~ "^(wp-admin/|(wp-login|wp- register)\ .php)">
Order allow,deny
Allow from all
Require valid-user
</Files>
</Directory>
Here is my syntax.
<Directory /wordpress>
<IfModule mod_auth_kerb>
AuthType Kerberos
AuthName "MYDOMAIN Login"
KrbAuthRealms MYDOMAIN.LOCAL
KrbServiceName HTTP
Krb5Keytab /etc/krb5.keytab
KrbMethodNegotiate on
KrbMethodK5Passwd off
KrbSaveCredentials on
KrbAuthoritative on
</IfModule>
<Files ~ "^(wp-admin/|(wp-login|wp-
Order allow,deny
Allow from all
Require valid-user
</Files>
</Directory>
Hi whittet,
Please try the following two variables:
echo $_SERVER['PHP_AUTH_USER'] . '<br />';
echo $_SERVER['PHP_AUTH_PW'] . '<br />';
Please try the following two variables:
echo $_SERVER['PHP_AUTH_USER'] . '<br />';
echo $_SERVER['PHP_AUTH_PW'] . '<br />';
Or try the full snippet below...
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="TEST"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}
?>
ASKER
julianmatz - Those values are not set.
I tried all the suggestions from this https://www.experts-exchange.com/questions/23840099/Cannot-see-REMOTE-USER-variable-in-Apache-2-2-3-CentOS-using-PHP-5-1-6.html, but was under the impression that mod_auth_kerb was an alternative to mod_ntlm or winbind.
I tried all the suggestions from this https://www.experts-exchange.com/questions/23840099/Cannot-see-REMOTE-USER-variable-in-Apache-2-2-3-CentOS-using-PHP-5-1-6.html, but was under the impression that mod_auth_kerb was an alternative to mod_ntlm or winbind.
Are you running safe mode?
ASKER
No safe mode.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I provided an answer to the question of why the values are not populated. Granted, the user never came back to confirm they could be matched in a different location, but the original question was about "why".
I believe my comment at #24424999 answered the original question. Further input from the OP could have taken this a little further, but the solution was provided.
AuthType Kerberos
Require valid-user
</Files>
Files is to match against filenames, use DirectoryMatch to match against a directory.
Open in new window