Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Rest Authentication does not work under default CGI configurations - Solution within
  • dustoutdustout
    When running under CGI mode, PHP does not have access to the basic authentication headers. FuelPHP first checks \Input::server('PHP_AUTH_USER') and if that is unavailable falls back to getting the headers via \Input::server('HTTP_AUTHENTICATION').  However, \Input::server('HTTP_AUTHENTICATION') does not contain the necessary data by default.  Add the following lines to your .htaccess file to pass through the headers to PHP:

    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    This results in the proper server variable being populations so basic authentication functions as expected.
  • HarroHarro
    So it has to become this?

        ...

        # make HTTP Basic Authentication work on php5-cgi installs
        <IfModule !mod_php5.c>
            RewriteCond %{HTTP:Authorization} .
            RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
        </IfModule>

        # Send request via index.php if not a real file or directory
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

        # deal with php5-cgi first
        <IfModule mod_fcgid.c>
            RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
        </IfModule>

        <IfModule !mod_fcgid.c>

            # for normal Apache installations
            <IfModule mod_php5.c>
                RewriteRule ^(.*)$ index.php/$1 [L]
            </IfModule>

            # for Apache FGCI installations
            <IfModule !mod_php5.c>
                RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
            </IfModule>

        </IfModule>

  • dustoutdustout
    Apologies.  This is actually when running as FCGId, NOT as a CGI wrapper as I incorrectly specified in the original post.  I forgot we changed over.  My working configuration uses:

    <IfModule mod_fcgid.c>
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    </IfModule>

    However, the following IfModule change as you posted does NOT work for me on FCGId:

    <IfModule !mod_php5.c>
            RewriteCond %{HTTP:Authorization} .
            RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    </IfModule>

    I double-tested and am feeling a bit confused about that but I'm up way too late...
  • HarroHarro
    Ok, so it has to become this?

        ...
        # Send request via index.php if not a real file or directory
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

        # deal with php5-cgi first
        <IfModule mod_fcgid.c>
            # make HTTP Basic Authentication work on php5-fcgi installs
            RewriteCond %{HTTP:Authorization} .
            RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
            RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
        </IfModule>

        <IfModule !mod_fcgid.c>

            # for normal Apache installations
            <IfModule mod_php5.c>
                RewriteRule ^(.*)$ index.php/$1 [L]
            </IfModule>

            # for Apache FGCI installations
            <IfModule !mod_php5.c>
                RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
            </IfModule>

        </IfModule>
  • dustoutdustout
    It does not want to work if the new auth rewrites are placed anywhere after the following lines, despite these conditions being met (the url is indeed being rewritten after those conditions as the file nor directory exists and is being routed by Fuel):

        # Send request via index.php if not a real file or directory
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

    The following DOES work for me though:

    ...


        # make HTTP Basic Authentication work on php5-fcgi installs
        <IfModule mod_fcgid.c>
            RewriteCond %{HTTP:Authorization} .
            RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
        </IfModule>

        # Send request via index.php if not a real file or directory
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

        # deal with php5-cgi first
        <IfModule mod_fcgid.c>
            RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
        </IfModule>

        <IfModule !mod_fcgid.c>

            # for normal Apache installations
            <IfModule mod_php5.c>
                RewriteRule ^(.*)$ index.php/$1 [L]
            </IfModule>

            # for Apache FGCI installations
            <IfModule !mod_php5.c>
                RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
            </IfModule>

        </IfModule>
  • HarroHarro
    Accepted Answer
    Ok, I'll update the .htaccess with this. Thanks for testing it!
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion