[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

what is wrong if this authentication code doesn't work on a server?

Posted on 2011-05-07
8
Medium Priority
?
789 Views
Last Modified: 2012-06-27
I used example #6 of for testing:
http://php.net/manual/en/features.http-auth.php (right at the start of the page)

and on 1 server it works correct, and on the other server is doesn't.

no matter what i enter, it doesn't get passed the login-window. if i enter a username and pass, it keeps popping-up again, instead of showing what i entered..


help is really appreciated!

<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Text to send if user hits Cancel button';
    exit;
} else {
    echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
    echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}
?>

Open in new window

0
Comment
Question by:peps03
  • 5
  • 2
8 Comments
 
LVL 9

Expert Comment

by:Erdinç Güngör Çorbacı
ID: 35713760
What are the webservers running ? Are both apache ?

Please beware that guide says :
 
For HTTP Authentication to work with IIS, the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
and another knowledge is
If you are using PHP + IIS, make sure to set HTTP Error 401;5 to Default in IIS directory config. Otherwise it won't prompt for username and password but just show an error message.
hope these helps
0
 

Author Comment

by:peps03
ID: 35713779
Thanks for your reaction erdincgc!

in phpinfo it says: SERVER_SOFTWARE:      Apache
0
 
LVL 9

Expert Comment

by:Erdinç Güngör Çorbacı
ID: 35713800
I assume both are same can you attach just  apache environment parts of php info outputs. (Clean rest for security) or just open both php info side by side check differences...

Are php versions same ?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:peps03
ID: 35713814
hope this helps:

phpinfo
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 35714058
It might require some rethinking your application requirements, but this article can show you an example of client authentication.   I realize it is a lot of reading, but please see if it might be helpful.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

Best regards, ~Ray
0
 

Author Comment

by:peps03
ID: 35715091
Thanks for you reaction Ray!

But the code posted above, in my original post, should work on every server right?

Isn't that very basic php code, that shouldn't give any problems?
0
 

Accepted Solution

by:
peps03 earned 0 total points
ID: 35715333
This worked for me for some reason:

I added this in .htaccess. (Change test.php to your script name)

RewriteEngine on
RewriteCond %{HTTP:Authorization} !^$
RewriteRule^test.php$ test.php?login=%{HTTP:Authorization}


And then in my PHP script, i added the following, right before my user/pass check routine:

$d = base64_decode(substr($_GET['login'],6) );
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', $d);
0
 

Author Closing Comment

by:peps03
ID: 35752576
it worked
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses
Course of the Month20 days, 14 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question