Solved

Problem with http basic authentication

Posted on 2015-01-06
5
101 Views
Last Modified: 2016-05-09
I am having trouble getting basic authentication, so I wrote this simple file which I was hoping would reveal why.

     1  <?php
     2
     3  if (!isset($_SERVER['PHP_AUTH_USER'])) {
     4    header ('WWW-Authenticate: Basic realm="Basic Auth Test"');
     5    header ('HTTP/1.0 401 Unauthorized');
     6    die ("Was the Cancel button pressed?");
     7  }//end if
     8
     9  echo "\nOk, we have a value! Let's dump the \$_SERVER global array!\n\n";
    10  var_dump($_SERVER);
    11  echo "\n\nFinished!\n";
    12
    13  ?>
    14

It should open an 'Authentication Required' window requesting a user name and password, but should accept whatever is entered. However, the window appears as expected, but when the fields are filled and OK is clicked, it vanishes for a very brief time, then reappears. Seems the entries are not being kept in the $_SERVER['PHP_AUTH_USER'] array.

The server is running Centos 6.5 and Plesk 12

I tried running the script on another server with Centos 6.4 with no GUI, and it works fine when I browse it.

Kind of making me crazy. Hope someone can help.

Wayne
0
Comment
Question by:denverwayne
5 Comments
 
LVL 16

Expert Comment

by:HagayMandel
ID: 40537777
Use
if(isset($_SERVER['PHP_AUTH_USER'])){
  var_dump($_SERVER['PHP_AUTH_USER']);
}

Open in new window

at the very beginning of the code, to find out what is really kept there.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40541763
Is there some reason you have '&lt;' instead of '<' at the beginning?  This is what it should look like.

<?php

if (!isset($_SERVER['PHP_AUTH_USER'])) {
  header ('WWW-Authenticate: Basic realm="Basic Auth Test"');
  header ('HTTP/1.0 401 Unauthorized');
  die ("Was the Cancel button pressed?");
}//end if

echo "\nOk, we have a value! Let's dump the \$_SERVER global array!\n\n";
var_dump($_SERVER);
echo "\n\nFinished!\n";

?>

Open in new window

0
 

Author Comment

by:denverwayne
ID: 40640317
OK, thanks. Finally got it!
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

805 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question