httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tyler Wilson <k...@linuxdigital.net>
Subject [users@httpd] Auth Headers Not Forwarding to ProxyPass (php-fpm)
Date Mon, 30 Dec 2013 19:09:31 GMT
Hey All,

I've been beating my head against this for a while; does anyone have any
experience with getting Basic Auth headers forwarded to fcgi from ProxyPass?

Here's my application versions:
Apache 2.4.6
php-fpm (fpm-fcgi) 5.3.3
centos 6.5

Here's my method of testing for the headers;

<?php
if (!isset($_SERVER['PHP_AUTH_USER']))
{
        header('WWW-Authenticate: Basic realm="Test Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo "<PRE>"; print_r($_SERVER); echo "<PRE>";
        echo 'Text to send if user hits Cancel button';
        exit;
}
else
{
        echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
        echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your
password.</p>";
}
?>

>From poking around stack* I've found a few proposed solutions, none of
which seem to solve the problem;

1. Adding a mod_rewrite to copy the headers to new env's;
Source: http://stackoverflow.com/questions/3663520/php-auth-user-not-set

2. Adding 'FcgidPassHeader Authorization' to the vhost config (in an
IfModule).
Source:
http://stackoverflow.com/questions/17488656/zend-server-windows-authorization-header-is-not-passed-to-php-script
(And
others)

3. Adding 'SetEnvIf Authorization' to .htaccess/directory/vhost
Source:
http://stackoverflow.com/questions/17488656/zend-server-windows-authorization-header-is-not-passed-to-php-script

It seems the previous versions using mod_fcgi used a '-pass-header
Authorization', is there no equal in the ProxyPass world? eg:
FastCgiExternalServer
/usr/lib/cgi-bin/php5-fcgi -socket /tmp/php5-fpm.sock -pass-header
Authorization

For reference, my current vhost is configured ProxyPass with;
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://
127.0.0.1:9000/var/www/virtual/my.domain.com/public_html/$1

Here is a dump of the current $_SERVER variables passed when doing the
above php test;

Array
(
    [USER] => username
    [HOME] => /home/username
    [FCGI_ROLE] => RESPONDER
    [HTTPS] => on
    [SSL_TLS_SNI] => my.domain.com
    [proxy-nokeepalive] => 1
    [HTTP_HOST] => my.domain.com
    [HTTP_CONNECTION] => keep-alive
    [HTTP_ACCEPT] =>
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
    [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 6.1; WOW64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63
Safari/537.36
    [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8
    [HTTP_COOKIE] => UBERSID=v1lg6fbgvt149ka047rgv6hgb3;
__utma=188222188.1000476125.1386093376.1386116540.1386141779.6;
__utmc=188222188;
__utmz=188222188.1386093376.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
    [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
    [SERVER_SIGNATURE] =>
    [SERVER_SOFTWARE] => Apache/2.4.6 (Unix)
    [SERVER_NAME] => my.domain.com
    [SERVER_ADDR] => (Filtered)
    [SERVER_PORT] => 443
    [REMOTE_ADDR] => (Filtered)
    [DOCUMENT_ROOT] => /var/www/virtual/my.domain.com/public_html
    [REQUEST_SCHEME] => https
    [CONTEXT_PREFIX] =>
    [CONTEXT_DOCUMENT_ROOT] => /var/www/virtual/my.domain.com/public_html
    [SERVER_ADMIN] => [no address given]
    [SCRIPT_FILENAME] => /var/www/virtual/my.domain.com/public_html/test.php
    [REMOTE_PORT] => 64603
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => GET
    [QUERY_STRING] =>
    [REQUEST_URI] => /test.php
    [SCRIPT_NAME] => /test.php
    [PHP_SELF] => /test.php
    [REQUEST_TIME] => 1388430291
)


Any assistance would be greatly appreciated.

Mime
View raw message