Hey All, I've been beating my head against this for a while; does anyone have any experience with getting Basic Auth headers forwarded to fcgi from ProxyPass?
Here's my application versions: Apache 2.4.6 php-fpm (fpm-fcgi) 5.3.3 centos 6.5 Here's my method of testing for the headers; <?php if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="Test Realm"'); header('HTTP/1.0 401 Unauthorized'); echo "<PRE>"; print_r($_SERVER); echo "<PRE>"; echo 'Text to send if user hits Cancel button'; exit; } else { echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; } ?> >From poking around stack* I've found a few proposed solutions, none of which seem to solve the problem; 1. Adding a mod_rewrite to copy the headers to new env's; Source: http://stackoverflow.com/questions/3663520/php-auth-user-not-set 2. Adding 'FcgidPassHeader Authorization' to the vhost config (in an IfModule). Source: http://stackoverflow.com/questions/17488656/zend-server-windows-authorization-header-is-not-passed-to-php-script (And others) 3. Adding 'SetEnvIf Authorization' to .htaccess/directory/vhost Source: http://stackoverflow.com/questions/17488656/zend-server-windows-authorization-header-is-not-passed-to-php-script It seems the previous versions using mod_fcgi used a '-pass-header Authorization', is there no equal in the ProxyPass world? eg: FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /tmp/php5-fpm.sock -pass-header Authorization For reference, my current vhost is configured ProxyPass with; ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi:// 127.0.0.1:9000/var/www/virtual/my.domain.com/public_html/$1 Here is a dump of the current $_SERVER variables passed when doing the above php test; Array ( [USER] => username [HOME] => /home/username [FCGI_ROLE] => RESPONDER [HTTPS] => on [SSL_TLS_SNI] => my.domain.com [proxy-nokeepalive] => 1 [HTTP_HOST] => my.domain.com [HTTP_CONNECTION] => keep-alive [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8 [HTTP_COOKIE] => UBERSID=v1lg6fbgvt149ka047rgv6hgb3; __utma=188222188.1000476125.1386093376.1386116540.1386141779.6; __utmc=188222188; __utmz=188222188.1386093376.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) [PATH] => /sbin:/usr/sbin:/bin:/usr/bin [SERVER_SIGNATURE] => [SERVER_SOFTWARE] => Apache/2.4.6 (Unix) [SERVER_NAME] => my.domain.com [SERVER_ADDR] => (Filtered) [SERVER_PORT] => 443 [REMOTE_ADDR] => (Filtered) [DOCUMENT_ROOT] => /var/www/virtual/my.domain.com/public_html [REQUEST_SCHEME] => https [CONTEXT_PREFIX] => [CONTEXT_DOCUMENT_ROOT] => /var/www/virtual/my.domain.com/public_html [SERVER_ADMIN] => [no address given] [SCRIPT_FILENAME] => /var/www/virtual/my.domain.com/public_html/test.php [REMOTE_PORT] => 64603 [GATEWAY_INTERFACE] => CGI/1.1 [SERVER_PROTOCOL] => HTTP/1.1 [REQUEST_METHOD] => GET [QUERY_STRING] => [REQUEST_URI] => /test.php [SCRIPT_NAME] => /test.php [PHP_SELF] => /test.php [REQUEST_TIME] => 1388430291 ) Any assistance would be greatly appreciated.