Workaround for HTTP authentication in the API when running PHP as CGI/FastCGI. Example rewrite lines added as comments in htaccess.sample, API tweaked to accept alternate environment var form.
This commit is contained in:
parent
4761c07ad8
commit
22f827134c
@ -5,6 +5,11 @@
|
||||
|
||||
RewriteBase /mublog/
|
||||
|
||||
## Uncomment these if having trouble with API authentication
|
||||
## when PHP is running in CGI or FastCGI mode.
|
||||
#RewriteCond %{HTTP:Authorization} ^(.*)
|
||||
#RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
|
||||
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule (.*) index.php?p=$1 [L,QSA]
|
||||
|
@ -294,11 +294,15 @@ class ApiAuthAction extends ApiAction
|
||||
|
||||
function basicAuthProcessHeader()
|
||||
{
|
||||
if (isset($_SERVER['AUTHORIZATION'])
|
||||
|| isset($_SERVER['HTTP_AUTHORIZATION'])
|
||||
) {
|
||||
$authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])
|
||||
? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION'];
|
||||
$authHeaders = array('AUTHORIZATION',
|
||||
'HTTP_AUTHORIZATION',
|
||||
'REDIRECT_HTTP_AUTHORIZATION'); // rewrite for CGI
|
||||
$authorization_header = null;
|
||||
foreach ($authHeaders as $header) {
|
||||
if (isset($_SERVER[$header])) {
|
||||
$authorization_header = $_SERVER[$header];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
|
Loading…
Reference in New Issue
Block a user