Thursday, October 29, 2009

Re: Alternatives to Security Component Authentication with cgi php

After re-reading Jeff's solution (and getting some sleep) I tried it
out and it worked perfectly! Thanks!

On Oct 28, 11:21 pm, Ken <kkolde...@gmail.com> wrote:
> I think that this might be what I'm looking for, but I don't think
> I've quite figured it out.  I've followed the steps you've outlined,
> but I'm unclear on how to implement the last beforeFilter function
> since I'm using another authenticate function. I think I'm probably
> missing something simple, but any help would be appreciated.  This
> works well on other servers, but not on a server with php as cgi.
>
> function beforeFilter() {
>     $this->Auth->allow('feed');
>     $this->Security->loginOptions = array(
>         'type'  => 'basic',
>         'login' => 'authenticate',
>         'realm' => 'CaseMojo iCal Feed',
>     );
>     $this->Security->loginUsers = array();
>     $this->Security->requireLogin('feed');
>
>     parent::beforeFilter();
> }
>
> function authenticate($args) {
>     $data[$this->Auth->fields['username']] = $args['PHP_AUTH_USER'];
>     $data[$this->Auth->fields['password']] = $this->Auth->password($args['PHP_AUTH_PW']);
>     if ($this->Auth->login($data)) {
>         return true;
>     } else {
>         $this->Security->blackHole($this, 'login');
>         return false;
>     }
> }
>
> On Sep 5, 5:57 pm, Jeff Deroshia <deros...@gmail.com> wrote:
>
> > I was able to find a workaround using mod_rewrite (a module that continues
> > to amaze me with its usefulness). So for anyone else who needs to use the
> > http authentication methods of the Security Component while running php
> > through cgi, here's what I did to get it working:
>
> > In the .htaccess file in the webroot dir, I modified the default rewrite
> > rule by removing the 'last' flag:
>
> > old: RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
> > new: RewriteRule ^(.*)$ index.php?url=$1 [QSA]
>
> > Then I added another RewriteRule below that one, giving it the 'last' flag I
> > took away from the previous rule:
>
> > RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
>
> > This new rule sets the environment variable REMOTE_USER to the value of the
> > HTTP Authorization header.  With basic authentication, which is what I am
> > using since I'm behind an SSL connection, the Authorization string consists
> > of the word 'Basic', a space, and a base64 encoded string of the supplied
> > username and password separated by a colon (:).
>
> > Php adds this new environment variable to the $_SERVER superglobal array
> > with the key 'REDIRECT_REMOTE_USER'.  So, in my beforeFilter callback I've
> > added the following code:
>
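> > if (Configure::read('in_production')) {
> >     // Skip the 6-character "Basic " prefix, decode, and split on the first
> >     // colon only, since the password itself may contain colons.
> >     list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':',
> >         base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)), 2);
> > }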
>
> > Now the variables that the Security Component (and php) use for HTTP
> > Authentication are set, which makes functionality that was only explicitly
> > available in the apache php module also available in sites that have to use
> > php through CGI/FastCGI.
>
> > mod_rewrite rocks.
>
> > J3ffy
>
> > On Fri, Sep 4, 2009 at 10:23 AM, J3ffy <deros...@gmail.com> wrote:
> > > I've been developing a system that does server-to-server communication
> > > using Basic HTTP Auth for authentication behind an SSL connection.
> > > The requests are created and sent with the HttpSocket class.  The
> > > component that receives the requests uses the Security component to
> > > force and check authentication.
>
> > > Everything has been working great on multiple test systems, but on the
> > > production host, none of the Authentication credentials were being
> > > seen by the app.  After a few hours of testing I discovered that on
> > > all my test systems I'm using the Apache php module, but on the
> > > production server, the php api is accessed through FastCGI.  According
> > > to the php documentation for HTTP authentication here:
> > > http://us3.php.net/manual/en/features.http-auth.php the HTTP
> > > authentication hooks are only available when using the apache module
> > > and not for php through cgi.
>
> > > It seems that I'm going to have to change my approach to
> > > authenticating, but I have no idea what to change it to.  Do you folks
> > > have any suggestions?
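A stricter version of the header parsing described in the quoted workaround, as an added example that is not part of the original thread: it checks the scheme and the base64 payload before trusting the value, and splits on the first colon only. The function names `parseBasicAuthorization` and `populateHttpAuth` and the sample credentials are made up for illustration.

```php
<?php
// Added example (hypothetical helper names); assumes the rewrite rule from the
// thread has copied the Authorization header into REDIRECT_REMOTE_USER.

// Returns array(user, password), or null if the value is not a well-formed
// Basic credential.
function parseBasicAuthorization($header)
{
    // Require the "Basic" scheme (case-insensitive) and a base64-shaped
    // payload instead of blindly skipping the first 6 bytes.
    if (!is_string($header)
        || !preg_match('/^Basic +([A-Za-z0-9+\/]+={0,2})$/i', trim($header), $m)) {
        return null;
    }
    // Strict mode makes base64_decode() return false on invalid input.
    $decoded = base64_decode($m[1], true);
    if ($decoded === false || strpos($decoded, ':') === false) {
        return null;
    }
    // Split on the first colon only: the password may contain colons.
    list($user, $password) = explode(':', $decoded, 2);
    return $user === '' ? null : array($user, $password);
}

// Fills the keys mod_php would have set; leaves $server untouched on failure.
function populateHttpAuth(array &$server)
{
    if (isset($server['PHP_AUTH_USER']) || !isset($server['REDIRECT_REMOTE_USER'])) {
        return false;
    }
    $credentials = parseBasicAuthorization($server['REDIRECT_REMOTE_USER']);
    if ($credentials === null) {
        return false;
    }
    list($server['PHP_AUTH_USER'], $server['PHP_AUTH_PW']) = $credentials;
    return true;
}

// Constructed sample request environment (not real credentials).
$server = array(
    'REDIRECT_REMOTE_USER' => 'Basic ' . base64_encode('feeduser:s3cret:with:colons'),
);
var_dump(populateHttpAuth($server), $server['PHP_AUTH_USER'], $server['PHP_AUTH_PW']);

// Constructed malformed values: each is rejected rather than yielding
// partial credentials.
foreach (array('', 'Bearer abc', 'Basic !!!', 'Basic ' . base64_encode('nocolon')) as $bad) {
    var_dump(parseBasicAuthorization($bad));
}
```

In a controller this would be called as `populateHttpAuth($_SERVER)` in `beforeFilter()` before the Security component checks the login.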