HTTP Basic Authentication doesn't work on my QNAP 4.2.0

Post your questions about Web Server usage and Apache + PHP + MySQL/SQLite web applications.
Post Reply
begaz
New here
Posts: 2
Joined: Fri Mar 21, 2014 1:22 am

HTTP Basic Authentication doesn't work on my QNAP 4.2.0

Post by begaz » Fri Nov 13, 2015 2:07 am

I recently upgrade a TS-459 to the last version 4.2.0 and i can't login on my old php page. The login request is correctly displayed on the screen, when i submit user and password the login is displayed exactly the same.
Near the beginning of the php i have :
if ((!isset($_SERVER['PHP_AUTH_USER'])) OR
($_SERVER['PHP_AUTH_USER'] == "") OR
($_SERVER['PHP_AUTH_PW'] == "")) requireLogin($realm);
I put an echo just after and it's never sent.
It seems that any PHP AUTH information is set in $_SERVER variables ( AUTH_TYPE PHP_AUTH_USER PHP_AUTH_PW)
Nothing has been changed since the new version of qnap.

What can i do in the new config files to have that working again.

Thanks if someone has an idea

p.s i remotely access to the server

begaz
New here
Posts: 2
Joined: Fri Mar 21, 2014 1:22 am

Re: HTTP Basic Authentication doesn't work on my QNAP 4.2.0

Post by begaz » Fri Nov 13, 2015 5:52 pm

The problem is solved.
1 - i add these lines in .htaccess

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
</IfModule>

2 - in .php file add this before the test of $_SERVER['PHP_AUTH_USER']

//set http auth headers for apache+php-cgi work around if variable gets renamed by apache
if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
list($name, $password) = explode(':', base64_decode($matches[1]));
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}

Now authentication works.

Post Reply

Return to “Web Server & Applications (Apache + PHP + MySQL / SQLite)”