Codeigniter Rest server Digest or Basic auth cant login

Question

I'm using Phil Sturgeon's REST Server. I'm having trouble to set up the basic or digest authentication. When calling the method i get the dialog that prompts for username and password even if i write in the correct username and password it wont accept it. How do i troubleshoot this ? Is it my web host that doesnt allow it ?

This is how i set up the auth in rest.php: The rest is default.

$config['rest_auth']         = 'Basic';
$config['auth_source']       = '';
$config['rest_valid_logins'] = array('admin' => 'password');

Answer 1

I found the solution myself. I had to add this on my .htaccess file.

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]  

Answer 2

Sorry for writing in such an old thread. Thought it may save somebody's time.

Please note that this solution is for basic auth only. I have not tested this with digest auth.

I required to tweak @Tan's answer a bit to get the .htaccess to work.

I removed the [L] from RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] and placed the rewrite rule just after RewriteEngine on

The .htaccess file:

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

#Other rules follow

Next, I required to change the rest.php config file inside application/config directory. The changes I made are as follows:

$config['auth_source'] = 'ldap' to $config['auth_source'] = 'library' , $config['auth_library_class'] = '' to $config['auth_library_class'] = 'api_auth' $config['auth_library_function'] = '' to $config['auth_library_function'] = 'login'

Then, I created a new library file named Api_auth.php having the following code:

<?php defined('BASEPATH') OR exit('No direct script access allowed');

class Api_auth
{
    public function login($username, $password) {
        if($username == 'admin' && $password == '1234')
        {
            return true;            
        }
        else
        {
            return false;           
        }           
    }
}

Hope this helps someone someday.

Answer 3

this didnt work for me but this did

for me It related the the sever running php as a fastCGI, not a php5_module, like your localhost does. ( to find this out run phpinfo - Server API: CGI/FastCGI )

here was the solution http://ellislab.com/forums/viewthread/173823/#825912

.htaccess

RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L] 

libraries/REST_Controller.php

BEFORE

// most other servers
elseif ($this->input->server('HTTP_AUTHENTICATION'))
{
if (strpos(strtolower($this->input->server('HTTP_AUTHENTICATION')),'basic') === 0)
{
    list($username,$password) = explode(':',base64_decode(substr($this->input-  >server('HTTP_AUTHORIZATION'), 6)));
}
} 

AFTER

// most other servers
elseif ( $this->input->server('HTTP_AUTHENTICATION') || $this->input-    >server('REDIRECT_REMOTE_USER') )
{
$HTTP_SERVER_AUTH = ($this->input->server('HTTP_AUTHENTICATION')) ? $this->input->server('HTTP_AUTHENTICATION') : $this->input->server('REDIRECT_REMOTE_USER'); 

if (strpos(strtolower($HTTP_SERVER_AUTH),'basic') === 0)
{
    list($username,$password) = explode(':',base64_decode(substr($HTTP_SERVER_AUTH, 6)));
}
}