Basic HTTP Authentication & PHP-FastCGI
Phillip B Oldham
phill at theactivitypeople.co.uk
Wed Jul 23 13:58:08 MSD 2008
Igor Clark wrote:
> On 23 Jul 2008, at 10:27, Phillip B Oldham wrote:
>> Yep, just like that.
>
> I could be wrong but I think that this only happens once Apache has
> already done the authorisation and granted access to the resource.
Not necessarily. If you connect to the resource using
http://user:pass@domain.com those variables are accessible.
Authorisation happens within PHP.
>> I thought nginx would have to pass the user/pass through to PHP via
>> the fastcgi params?
>
> As I understand it, if PHP sends HTTP/1.1 401 Unauthorized then the
> browser should ask the user for credentials, and then send them back
> through the Authorization header. If this is in a location block
> without auth_basic, then nginx will pass this header through to PHP,
> and PHP can base64-decode the credentials, do what it needs to do in
> order to work out whether they're good credentials, and then return a
> 200 or another 401 appropriately. You may need to set
> fastcgi_pass_header Authorization, I'm not sure - I've seen this
> referred to in various nginx configs on the web but the version of
> nginx I have on hand to test (0.5.35) seems to pass the
> HTTP_AUTHORIZATION header through with or without this setting.
Thanks. I'll test with the "fastcgi_pass_header Authorisation" and see
where I get.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: phill.vcf
Type: text/x-vcard
Size: 261 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20080723/46874248/attachment.vcf>
More information about the nginx
mailing list