问题
For some reason, none of the code within
if (isset($_SERVER[\'PHP_AUTH_USER\']) &&
isset($_SERVER[\'PHP_AUTH_PW\']))
{
// When the above is set, the code that is here will execute of course
}
is being executed for me. When I enter the correct username and password, the prompt box for the authorization again pops up. Wouldn\'t both fields be \'set\' if they are correct and I press enter? But for some reason that is not the case. What can I be doing wrong? Thank you.
回答1:
There is a 'sensible way' to use HTTP Basic Auth in CGI-mode PHP: in the .htaccess use
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
and in the PHP use
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
回答2:
try this
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>
on your .htaccess file which you will have to place into the root directory
and then
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
in the begining of your php scripts
回答3:
I am using Symfony 2.5.7 running on PHP-PFM + Apache 2.4 on Ubuntu 14.04. I have BASIC_AUTH working, it needs to correctly configure the Apache VirtualHost by adding:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
as also mentioned here https://stackoverflow.com/a/17490827/435956
回答4:
In my phpinfo() Sever API is CGI/Fast CGI. So I've solved my problem with writing following in my .htaccess file
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ app.php [QSA,L]
回答5:
Try $_SERVER['REMOTE_USER']. This works for me on a PHP 5.3 CGI + Apache installation.
回答6:
If user access is granted giving username/password in URL please check if
AuthType Digest
is entitled in your VHost/Directory/.htaccess configuration.
This fixed it for my use case.
回答7:
On my host's servers, use $_SERVER['REDIRECT_REMOTE_USER'] instead of $_SERVER['PHP_AUTH_USER']
来源:https://stackoverflow.com/questions/3663520/php-auth-user-not-set