HTTP Authentication Error

I am getting an authentication error when I open the page, I am not even prompted for the userid or password.   Any suggestions?
I use require_once('authvars.php') to call the attached code.  
<?php

    #We have to specify username and password for authentication
    $user = "userdemo";
    $pass = "passdemo";
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
    #We ask to open a popup of Authentication System on the client browser
    if (!isset($_SERVER['PHP_AUTH_USER']))
    {
    header("WWW-Authenticate: Basic realm=\"You must Log In!\"");
    Header("HTTP/1.0 401 Unauthorized");
    exit;
    }
    #We have to verify is Login User and Password are the same of defined variables
    else if (($_SERVER['PHP_AUTH_USER'] == $user) && ($_SERVER['PHP_AUTH_PW'] == $pass))
    {
    echo "Now you are Logged In";
    }
    #If Login not is correct
    else
    {
    echo "Error!";
    }
    ?>

Open in new window

rcowen00Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

UmopepisdnCommented:
Do you receive 'Error!' or an actual unauthorized HTTP status code?

What are the values of $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'']?
0
rcowen00Author Commented:
The page opens with the input and href objects but with Error! listed too.  The values are currently
$user = "userdemo";
    $pass = "passdemo";
0
UmopepisdnCommented:
Your problem is that $_SERVER['PHP_AUTH_USER'] will never be unset.  You should check to see if it is null:

if ( $_SERVER['PHP_AUTH_USER'] == null)
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

UmopepisdnCommented:
Hmm, this just gets you into the code path with the header statements, but doesn't work much better.
0
rcowen00Author Commented:
I'm being prompted for the authentication, but when I click OK it just asks again.  No error response.
<?php

    #We have to specify username and password for authentication
    $user = "userdemo";
    $pass = "passdemo";
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
    #We ask to open a popup of Authentication System on the client browser
    if ( $_SERVER['PHP_AUTH_USER'] == null)
    {
    header("WWW-Authenticate: Basic realm=\"You must Log In!\"");
    Header("HTTP/1.0 401 Unauthorized");
    exit;
    }
    #We have to verify is Login User and Password are the same of defined variables
    else if (($_SERVER['PHP_AUTH_USER'] == $user) && ($_SERVER['PHP_AUTH_PW'] == $pass))
    {
    echo "Now you are Logged In";
    }
    #If Login not is correct
    else
    {
    echo "Error!";
    }
    ?>

Open in new window

0
UmopepisdnCommented:
It looks like these are blank for me because $_SERVER['REDIRECT_REMOTE_USER'] is not set where I'm testing this.
0
UmopepisdnCommented:
Looking around, it seems like the reason this is happening can vary based on how your web host's PHP installation is set up.

Can you share the output of this (with anything sensitive or personally-identifying removed)?  

echo "<pre>";
print_r($_SERVER);
echo "</pre>";
0
Dave BaldwinFixer of ProblemsCommented:
This page, http://php.net/manual/en/features.http-auth.php, says that this only works as an Apache module which means not in CGI mode.  It has examples and warning about Internet Explorer problems.  Which web server and browser are yuo using?
0
rcowen00Author Commented:
Here you go, I'm not sure what I am looking for here?
Array
(
    [DOCUMENT_ROOT] => /var/chroot/home/content/t/r/a/transconvalue/html
    [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
    [PHPRC] => /home/content/t/r/a/transconvalue/html
    [PHP_FCGI_CHILDREN] => 3
    [PHP_FCGI_MAX_REQUESTS] => 500
    [REDIRECT_STATUS] => 200
    [SPI] => TRUE
    [FCGI_ROLE] => RESPONDER
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
    [HTTP_ACCEPT_ENCODING] => gzip,deflate
    [HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
    [HTTP_CACHE_CONTROL] => max-age=0
    [HTTP_CONNECTION] => keep-alive
    [HTTP_COOKIE] => fc=fcVal=1850929852399479296
    [HTTP_HOST] => www.tcvpath.com
    [HTTP_KEEP_ALIVE] => 300
    [HTTP_REFERER] => http://www.tcvpath.com/index.php
    [HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 GTB6 (.NET CLR 3.5.30729)
    [PATH_INFO] => /propinsp.php
    [RAILS_ENV] => production
    [REMOTE_ADDR] => 68.101.255.112
    [REMOTE_PORT] => 52639
    [SCRIPT_FILENAME] => /var/chroot/home/content/t/r/a/transconvalue/html/propinsp.php
    [SCRIPT_URI] => http://www.tcvpath.com/propinsp.php
    [SCRIPT_URL] => /propinsp.php
    [SERVER_ADDR] => 97.74.215.187
    [SERVER_ADMIN] => support@supportwebsite.com
    [SERVER_NAME] => www.tcvpath.com
    [SERVER_PORT] => 80
    [SERVER_SIGNATURE] => 
Apache/1.3.33 Server at www.tcvpath.com Port 80


    [SERVER_SOFTWARE] => Apache
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => job_id=114&tc_number=TC29307&prop_addr_1=12767%20TAMIAMI%20TRAIL%20S%20&prop_city=NORTH%20PORT&prop_state=AZ&prop_county=SARASOTA&prop_zip=34287
    [REQUEST_URI] => /propinsp.php?job_id=114&tc_number=TC29307&prop_addr_1=12767%20TAMIAMI%20TRAIL%20S%20&prop_city=NORTH%20PORT&prop_state=AZ&prop_county=SARASOTA&prop_zip=34287
    [SCRIPT_NAME] => /propinsp.php
    [PHP_SELF] => /propinsp.php
    [REQUEST_TIME] => 1272136730
)

Open in new window

0
UmopepisdnCommented:
One solution for this issue when caused by a php-cgi installation:

http://www.besthostratings.com/articles/http-auth-php-cgi.html


First, create this .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>


This should add the user/pass pair currently in use to HTTP_AUTHORIZATION.  

list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)$

To get this to work in my test, I assigned these variables right after the 401 error is thrown.

    if ( $_SERVER['PHP_AUTH_USER'] == null)
    {
          header("WWW-Authenticate: Basic realm=\"You must Log In!\"");
          header("HTTP/1.0 401 Unauthorized");
          list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)$

          exit;
    }
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rcowen00Author Commented:
I actually had all of that from research I had done before my question.  I fixed it by doing further research on the .htaccess file.  I didn't realize that it had to be called ".htaccess" versus "somefile.htaccess.  Newbie error.  Thank you for your help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.