[geeklog-devel] Atom WebServices and Hosted Server Authentication

Ramnath R Iyer casual.dodo at gmail.com
Sat Dec 1 14:21:32 EST 2007


Hi,

I have changed $_REQUEST['gl_auth_header'] to $_SERVER['REMOTE_USER'], and 
added the .htaccess fix to the Webservices documentation at -

http://wiki.geeklog.net/wiki/index.php/Webservices_API#Authentication

Blaine, could you confirm the CVS version now works?

Thanks,
--
Ramnath R Iyer

On Saturday 01 December 2007 13:29:03 Blaine Lang wrote:
> On my hosted server, I was not seeing the variable
> $_SERVER['PHP_AUTH_USER'] set.
>
> Server Environment is PHP 5.2.4 on Linux. Server PHP API is reporting
> CGI/FastCGI
>
> Doing some googling, I found the following .htaccess fix to pass in the
> authentication credentials
> <<>>
> RewriteEngine on
> RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
> RewriteCond %{HTTP:Authorization} username=\"([^\"]+)\"
> <<.>>
>
> I then had to modify system/lib-webservices WS_authenticate function to
> test for $_SERVER['REMOTE_USER']
>
>     if (isset($_SERVER['PHP_AUTH_USER'])) {
>         $username = $_SERVER['PHP_AUTH_USER'];
>         $password = $_SERVER['PHP_AUTH_PW'];
>
>         $status = SEC_authenticate($username, $password, $uid);
>     } elseif (!empty($_SERVER['REMOTE_USER'])) {
>         /* PHP installed as CGI may not have access to authorization
> headers of
>          * Apache. In that case, use .htaccess to store the auth header as
> a * request variable called gl_auth_digest
>          */
>         list($auth_type, $auth_data) = explode(' ',
> $_SERVER['REMOTE_USER']);
>         list($username, $password) = explode(':',
> base64_decode($auth_data));
>         $status = SEC_authenticate($username, $password, $uid);
>     } else {
>         return;
>     }
>
> Ramnath, I noticed you were testing for $_REQUEST['gl_auth_header'] -
> how would this variable be set?
> You may have wanted to use a similar .htaccess mod but then be setting
> $_REQUEST['gl_auth_header'] instead of $_SERVER['REMOTE_USER']
>
> Please advise.
>
> Regards,
> Blaine
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://eight.pairlist.net/mailman/listinfo/geeklog-devel


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <https://pairlist8.pair.net/pipermail/geeklog-devel/attachments/20071201/c82cc5ff/attachment.sig>


More information about the geeklog-devel mailing list