[geeklog-devel] Atom WebServices and Hosted Server Authentication

Ramnath R Iyer casual.dodo at gmail.com
Sat Dec 1 13:55:01 EST 2007


Hi,

First - is the problem fixed?

You're right; when I wrote this part of the code, I realized there would be a
problem with PHP running as a CGI script, but since I was working with PHP
as an Apache module, I could not implement a solution then. What you have
done is precisely what I had in mind, except that I assumed that
the .htaccess file would set $_REQUEST['gl_auth_digest'] instead of
$_SERVER['REMOTE_USER'].

Thanks,
--
Ramnath R Iyer

On Saturday 01 December 2007 13:29:03 Blaine Lang wrote:

> On my hosted server, I was not seeing the variable
> $_SERVER['PHP_AUTH_USER'] set.
>
> Server Environment is PHP 5.2.4 on Linux. Server PHP API is reporting
> CGI/FastCGI
>
> Doing some googling, I found the following .htaccess fix to pass in the
> authentication credentials
> <<>>
> RewriteEngine on
> RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
> RewriteCond %{HTTP:Authorization} username=\"([^\"]+)\"
> <<.>>
>
> I then had to modify system/lib-webservices WS_authenticate function to
> test for $_SERVER['REMOTE_USER']
>
>     if (isset($_SERVER['PHP_AUTH_USER'])) {
>         $username = $_SERVER['PHP_AUTH_USER'];
>         $password = $_SERVER['PHP_AUTH_PW'];
>
>         $status = SEC_authenticate($username, $password, $uid);
>     } elseif (!empty($_SERVER['REMOTE_USER'])) {
>         /* PHP installed as CGI may not have access to authorization
>          * headers of Apache. In that case, use .htaccess to store the
>          * auth header as a request variable called gl_auth_digest
>          */
>         // Split into scheme and credentials at the first space only
>         list($auth_type, $auth_data) = explode(' ',
>             $_SERVER['REMOTE_USER'], 2);
>         // Limit to 2 parts so a password containing ':' is kept whole
>         list($username, $password) = explode(':',
>             base64_decode($auth_data), 2);
>         $status = SEC_authenticate($username, $password, $uid);
>     } else {
>         return;
>     }
>
> Ramnath, I noticed you were testing for $_REQUEST['gl_auth_header'] -
> how would this variable be set?
> You may have wanted to use a similar .htaccess mod but then be setting
> $_REQUEST['gl_auth_header'] instead of $_SERVER['REMOTE_USER']
>
> Please advise.
>
> Regards,
> Blaine
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://eight.pairlist.net/mailman/listinfo/geeklog-devel
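
Added example, not part of either message and not Geeklog code: a stricter way to split a client-supplied Basic Authorization value such as the one the rewrite rule above copies into $_SERVER['REMOTE_USER']. The function name parse_basic_auth_header and the sample values are assumptions made for illustration.

```php
<?php
/**
 * Added example (not Geeklog code): parse an HTTP Basic Authorization header
 * value that a rewrite rule has copied into an environment variable.
 * Returns array($username, $password), or null if the value is unusable.
 */
function parse_basic_auth_header($header)
{
    // Expect "<scheme> <credentials>"; split on the first whitespace run only.
    $parts = preg_split('/\s+/', trim((string) $header), 2);
    if (count($parts) !== 2 || strcasecmp($parts[0], 'Basic') !== 0) {
        return null; // credentials missing, or another scheme such as Digest
    }

    // Strict mode rejects characters outside the base64 alphabet.
    $decoded = base64_decode($parts[1], true);
    if ($decoded === false || strpos($decoded, ':') === false) {
        return null;
    }

    // Only the first ':' separates user from password (RFC 7617), so a
    // password such as "a:b:c" must survive intact.
    list($username, $password) = explode(':', $decoded, 2);
    if ($username === '') {
        return null;
    }
    return array($username, $password);
}

// Constructed sample values, as they might appear in $_SERVER['REMOTE_USER'].
$samples = array(
    'Basic ' . base64_encode('alice:s3cret'),
    'basic ' . base64_encode('bob:pa:ss:word'),   // colons in the password
    'Digest username="carol", realm="x"',          // not Basic
    'Basic !!!not-base64!!!',                      // malformed payload
    '',                                            // header absent
);

foreach ($samples as $value) {
    $creds = parse_basic_auth_header($value);
    if ($creds === null) {
        echo "rejected\n";
    } else {
        // Do not print the password itself; its length is enough here.
        printf("user=%s password_length=%d\n", $creds[0], strlen($creds[1]));
    }
}
```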
