Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Basic Auth is not passed through with PHP in CGI mode #1

Open
rmccue opened this issue Apr 29, 2014 · 6 comments
Open

Basic Auth is not passed through with PHP in CGI mode #1

rmccue opened this issue Apr 29, 2014 · 6 comments
Labels

Comments

@rmccue
Copy link
Member

rmccue commented Apr 29, 2014

Migrated from WP-API/WP-API#8.

@rmccue rmccue added the bug label Apr 29, 2014
@vlood
Copy link

vlood commented Jan 25, 2015

@graham73may
Copy link

Ran into this problem today, the solution we are using is to add:

    if (!isset($_SERVER['PHP_AUTH_USER']) && (isset($_SERVER['HTTP_AUTHORIZATION']) || isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']))) {
        if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
            $header = $_SERVER['HTTP_AUTHORIZATION'];
        } else {
            $header = $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];
        }

        list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($header, 6)));
    }

To basic-auth.php in at line 22 underneath:

    // Don't authenticate twice
    if (!empty($user)) {
        return $user;
    }

We also added the following to the .htaccess (replacing the normal index.php rewrite rule):

RewriteRule . /index.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

@graham73may
Copy link

Pull request created

#32

@mnelson4
Copy link

mnelson4 commented May 6, 2016

ran into this same issue; specifically I needed to change my .htaccess file to

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

@mnelson4
Copy link

mnelson4 commented May 9, 2016

FYI we also created a branch https://github.com/eventespresso/Basic-Auth/tree/automatic-update-htaccess-for-fcgi which adds a setting onto the WP permalinks page which should automatically update the .htaccess file, but it's untested

@Rococolab
Copy link

Hi
any idea how to solve the same issue but on NGINX instead of APACHE
Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

5 participants