PHP4 CGI and HTTP Authorization support

To: Debian ISP Mailing List <debian-isp@lists.debian.org>
Subject: PHP4 CGI and HTTP Authorization support
From: Marcin Owsiany <porridge@debian.org>
Date: Thu, 15 Sep 2005 21:26:10 +0200
Message-id: <[🔎] 20050915192610.GA17099@kufelek>
Mail-followup-to: Debian ISP Mailing List <debian-isp@lists.debian.org>

Hi!

I got php to work as cgi with suexec. Everything works nicely for me
except for one thing: for HTTP Basic authorization (for example as
enforced by .htaccess), the authorization data from the browser is not
passed to the PHP script.

After some investigation done bycomparing phpinfo() output in different
environments (mod_php / php-cgi x with auth / without auth) I came to
the following main conclusion:

The CGI PHP interpreter does not receive the "Authorization" header (as
listed in the "HTTP Headers Information" section of phpinfo() output).
The header itself is passed from the browser to the web server, because
apache does allow access to the page.

I suspect that the consequence of this is that the
_SERVER["PHP_AUTH_USER"] and _SERVER["PHP_AUTH_PW"] PHP variables are
not set.

The question is: has anyone worked this around? Or do I need to dig in
the apache and/or php code to make them pass the authorization
information in some custom environment variable?

regards,

Marcin
-- 
Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216

Reply to:

Follow-Ups:
- Re: PHP4 CGI and HTTP Authorization support
  - From: Marcin Owsiany <porridge@debian.org>

Prev by Date: Re: Apche, tomcat and redirect form domain to subdir.
Next by Date: Re: PHP4 CGI and HTTP Authorization support
Previous by thread: Re: Apche, tomcat and redirect form domain to subdir.
Next by thread: Re: PHP4 CGI and HTTP Authorization support
Index(es):
- Date
- Thread