php auth & fast_cgi

Francis Daly francis at daoine.org
Mon Mar 14 14:39:23 MSK 2011


On Mon, Mar 14, 2011 at 12:58:35PM +0200, Alexander Economou wrote:

Hi there,

> A colleague of mine told me that these two lines in php doesn't seem to 
> work on an nginx + fastcgi installation. Any thoughts?

They seem to work fine for me. Any expansion?

What does your colleague do, what does your colleague see, and what
does your colleague expect to see? And, if it's not obvious, what's the
difference between the last two?

> header('WWW-Authenticate: Basic realm="SocialWhale Controller"');
> 
> $_SERVER['PHP_AUTH_USER']
> $_SERVER['PHP_AUTH_PW'];

authcheck:
===
<?php

if ($_SERVER['PHP_AUTH_USER'] == "x" && $_SERVER['PHP_AUTH_PW'] == "x") {
  echo "Well done, right credentials\n";
} else {
  header('WWW-Authenticate: Basic realm="SocialWhale Controller"');
}

?>
===

I expect "curl -i http://localhost/authcheck" to show me a HTTP 401,
and "curl -i -u x:a http://localhost/authcheck" to show me a HTTP 401,
and "curl -i -u x:x http://localhost/authcheck" to show me a HTTP 200.

And that's what I see.

nginx.conf ensures that the php fastcgi server processes the request,
of course.

All the best,

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list