[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

PHP4 CGI and HTTP Authorization support


I got php to work as cgi with suexec. Everything works nicely for me
except for one thing: for HTTP Basic authorization (for example as
enforced by .htaccess), the authorization data from the browser is not
passed to the PHP script.

After some investigation done bycomparing phpinfo() output in different
environments (mod_php / php-cgi x with auth / without auth) I came to
the following main conclusion:

The CGI PHP interpreter does not receive the "Authorization" header (as
listed in the "HTTP Headers Information" section of phpinfo() output).
The header itself is passed from the browser to the web server, because
apache does allow access to the page.

I suspect that the consequence of this is that the
not set.

The question is: has anyone worked this around? Or do I need to dig in
the apache and/or php code to make them pass the authorization
information in some custom environment variable?


Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216

Reply to: