I'm using Phil Sturgeon's REST Server. I'm having trouble to set up the basic or digest authentication. When calling the method i get the dialog that prompts for username and password even if i write in the correct username and password it wont accept it. How do i troubleshoot this ? Is it my web host that doesnt allow it ?
This is how i set up the auth in rest.php: The rest is default.
$config['rest_auth'] = 'Basic';
$config['auth_source'] = '';
$config['rest_valid_logins'] = array('admin' => 'password');
I found the solution myself. I had to add this on my .htaccess file.
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
Sorry for writing in such an old thread. Thought it may save somebody's time.
Please note that this solution is for basic auth only. I have not tested this with digest auth.
I required to tweak @Tan's answer a bit to get the .htaccess to work.
I removed the [L]
from RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
and placed the rewrite rule just after RewriteEngine on
The .htaccess file:
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#Other rules follow
Next, I required to change the rest.php config file inside application/config directory. The changes I made are as follows:
$config['auth_source'] = 'ldap'
to $config['auth_source'] = 'library'
, $config['auth_library_class'] = ''
to $config['auth_library_class'] = 'api_auth'
$config['auth_library_function'] = ''
to $config['auth_library_function'] = 'login'
Then, I created a new library file named Api_auth.php having the following code:
<?php defined('BASEPATH') OR exit('No direct script access allowed');
class Api_auth
{
public function login($username, $password) {
if($username == 'admin' && $password == '1234')
{
return true;
}
else
{
return false;
}
}
}
Hope this helps someone someday.
this didnt work for me but this did
for me It related the the sever running php as a fastCGI, not a php5_module, like your localhost does. ( to find this out run phpinfo - Server API: CGI/FastCGI )
here was the solution http://ellislab.com/forums/viewthread/173823/#825912
.htaccess
RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
libraries/REST_Controller.php
BEFORE
// most other servers
elseif ($this->input->server('HTTP_AUTHENTICATION'))
{
if (strpos(strtolower($this->input->server('HTTP_AUTHENTICATION')),'basic') === 0)
{
list($username,$password) = explode(':',base64_decode(substr($this->input- >server('HTTP_AUTHORIZATION'), 6)));
}
}
AFTER
// most other servers
elseif ( $this->input->server('HTTP_AUTHENTICATION') || $this->input- >server('REDIRECT_REMOTE_USER') )
{
$HTTP_SERVER_AUTH = ($this->input->server('HTTP_AUTHENTICATION')) ? $this->input->server('HTTP_AUTHENTICATION') : $this->input->server('REDIRECT_REMOTE_USER');
if (strpos(strtolower($HTTP_SERVER_AUTH),'basic') === 0)
{
list($username,$password) = explode(':',base64_decode(substr($HTTP_SERVER_AUTH, 6)));
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.