Solved

Problem with http basic authentication

Posted on 2015-01-06
5
87 Views
Last Modified: 2016-05-09
I am having trouble getting basic authentication, so I wrote this simple file which I was hoping would reveal why.

     1  <?php
     2
     3  if (!isset($_SERVER['PHP_AUTH_USER'])) {
     4    header ('WWW-Authenticate: Basic realm="Basic Auth Test"');
     5    header ('HTTP/1.0 401 Unauthorized');
     6    die ("Was the Cancel button pressed?");
     7  }//end if
     8
     9  echo "\nOk, we have a value! Let's dump the \$_SERVER global array!\n\n";
    10  var_dump($_SERVER);
    11  echo "\n\nFinished!\n";
    12
    13  ?>
    14

It should open an 'Authentication Required' window requesting a user name and password, but should accept whatever is entered. However, the window appears as expected, but when the fields are filled and OK is clicked, it vanishes for a very brief time, then reappears. Seems the entries are not being kept in the $_SERVER['PHP_AUTH_USER'] array.

The server is running Centos 6.5 and Plesk 12

I tried running the script on another server with Centos 6.4 with no GUI, and it works fine when I browse it.

Kind of making me crazy. Hope someone can help.

Wayne
0
Comment
Question by:denverwayne
5 Comments
 
LVL 16

Expert Comment

by:HagayMandel
ID: 40537777
Use
if(isset($_SERVER['PHP_AUTH_USER'])){
  var_dump($_SERVER['PHP_AUTH_USER']);
}

Open in new window

at the very beginning of the code, to find out what is really kept there.
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40541763
Is there some reason you have '&lt;' instead of '<' at the beginning?  This is what it should look like.

<?php

if (!isset($_SERVER['PHP_AUTH_USER'])) {
  header ('WWW-Authenticate: Basic realm="Basic Auth Test"');
  header ('HTTP/1.0 401 Unauthorized');
  die ("Was the Cancel button pressed?");
}//end if

echo "\nOk, we have a value! Let's dump the \$_SERVER global array!\n\n";
var_dump($_SERVER);
echo "\n\nFinished!\n";

?>

Open in new window

0
 

Author Comment

by:denverwayne
ID: 40640317
OK, thanks. Finally got it!
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now