1. 技术文章
  2. PHP_AUTH_USER not set?

PHP_AUTH_USER not set?

半城伤御伤魂 提交于 2019-11-26 18:44:41

There is a 'sensible way' to use HTTP Basic Auth in CGI-mode PHP: in the .htaccess use 

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

and in the PHP use

list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = 
  explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

try this 

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>

on your .htaccess file which you will have to place into the root directory

and then 

list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

in the begining of your php scripts

I am using Symfony 2.5.7 running on PHP-PFM + Apache 2.4 on Ubuntu 14.04. I have BASIC_AUTH working, it needs to correctly configure the Apache VirtualHost by adding:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

as also mentioned here https://stackoverflow.com/a/17490827/435956

In my phpinfo() Sever API is CGI/Fast CGI. So I've solved my problem with writing following in my .htaccess file RewriteEngine on RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ app.php [QSA,L]

Try $_SERVER['REMOTE_USER']. This works for me on a PHP 5.3 CGI + Apache installation.

If user access is granted giving username/password in URL please check if

AuthType Digest

is entitled in your VHost/Directory/.htaccess configuration.

This fixed it for my use case.

Zardiw

On my host's servers, use $_SERVER['REDIRECT_REMOTE_USER'] instead of $_SERVER['PHP_AUTH_USER']

标签
php
http-authentication
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!