Hello,
According to my previous post on the bug track:
http://issues.apache.org/bugzilla/show_bug.cgi?id=43018
This is a script in PHP that is called by the a CGI handler in Apache. HTTP
Authentification.
In a normal Apache module environnement, a HTTP Authentification is
called and
we can see on the log of Apache :
IP - USER - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"
Meanwhile, in a CGI environnement, Apache call a CGI script, in my
exemple PHP
and pass him variables.
So in order of compatibility to pass the authentification to the PHP
script, we
have to set a .htaccess where :
RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L
<HTTP:Authorization%7D,L>]
So with it in environnement variables we can see :
[REDIRECT_REMOTE_USER] => Basic dGl0aTp0b3Rv
[REDIRECT_STATUS] => 200
where dGl0aTp0b3Rv is corresponding to user:password titi:toto (base64)
Of course, with network analyzer, we can see that the browser send to
the Apache
serveur in HTTP headers :
Authorization: Basic dGl0aTp0b3Rv
(our titi:toto)
In this cas, Apache log don't indicate the user :
IP - - - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"
Ok, the use of PHP is independant of Apache log writes but if browser send
Authorization: Basic dGl0aTp0b3Rv in a module Apache or CGI Apache
(PHP), why
Apache, that see the basic, don't write the remote_user in the log ?
In normal environnement, whithout CGI, handler ..., the browser send the
same
request and the log indicate the USER.
According to the track response, I've replaced the %u to %<u in the
LogFormat directive but the user authentified still no appear
in the log :
IP - - - [DATETIME] "GET / HTTP/1.1" 200 SIZE "REFERER" "AGENT"
Has anyone the same problem or a soltion ?
Thank you for any help.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]