ID: 29805
User updated by: michaelw at webcentral dot com dot au
Reported By: michaelw at webcentral dot com dot au
Status: Open
Bug Type: iPlanet related
Operating System: Solaris 9
PHP Version: 4.3.8
New Comment:
Any progress with this ?
Previous Comments:
------------------------------------------------------------------------
[2004-08-25 11:10:22] michaelw at webcentral dot com dot au
Currently, it is the ONLY AuthTrans directive.
------------------------------------------------------------------------
[2004-08-25 11:05:24] [EMAIL PROTECTED]
The PHP AuthTrans must be the first AuthTrans directive. I can take a
look at this the next days.
------------------------------------------------------------------------
[2004-08-25 00:45:31] michaelw at webcentral dot com dot au
>From obj.conf
<Object name="default">
AuthTrans fn=php4_auth_trans
<snipped>
------------------------------------------------------------------------
[2004-08-24 23:51:33] [EMAIL PROTECTED]
Have you installed the fake authenticator "php4_ as written in the
docs?
"To use PHP Authentication on a single directory, add the following:
<Object ppath="d:\path\to\authenticated\dir\*">
AuthTrans fn=php4_auth_trans
</Object>"
The problem is: iPlanet SunONE does not send the password to PHP so it
is not a problem of PHP. With the code from the docs you tell SunONE to
pass the authentication data to the "fake" function "php4_auth_trans"
that only says "auth done" and no other AuthTrans directives from
obj.conf get executed. This switches of all other authentication in the
server (Java, .htaccess,...) but lets PHP get the data. By limiting this
to a directory you can leave the SunONE authentication for other
directories intact.
------------------------------------------------------------------------
[2004-08-24 03:39:56] michaelw at webcentral dot com dot au
Description:
------------
Hi,
PHP HTTP Authentication under Sun One Webserver 6.0 (and presumably any
iPlanet variant) doesn't seem to work correctly.
The PHP_AUTH_USER and PHP_AUTH_PW variables don't seem to get set.
(This is with Safe Mode disabled).
Additionally, with Safe Mode enabled, I cannot determine the username
or password entered by the user.
Reproduce code:
---------------
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your
password.</p>";
}
?>
Expected result:
----------------
Under apache, the output is:
Hello testing.
You entered 123 as your password.
(when username is testing and 123 is password)
Under SunOne, the username/password box just keeps redisplaying.
Actual result:
--------------
Under SunOne, the username/password box just keeps redisplaying.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=29805&edit=1
