stackoom
  简体   繁体   中英

enable Apache http Authorization header

 原文  2016-05-11 09:41:22       php/ apache/ http-headers/ authorization

Question

I write an API with PHP ZF2 they use HTTP Authorization. I fetch all HTTP Headers with apache_request_headers() (also tested with ZF2's $this->getRequest()->getHeaders()) .

It works on my locale installed version. But on my server the HTTP Authorization Header are not available. My Browser Debug tool show me that the Authorization header properly send.

Both server are running with the same software: Ubuntu 14.04 with Apache2 (Server version: Apache/2.4.7 (Ubuntu)).

Enabled apache2 modules ( auth_basic is enabled): 启用 Apache2 模块

Is there a PHP ini setting to allow Authorization header?

edit 2015-05-13:

$headers = apache_request_headers();
if (isset($headers['Authorization'])) {
    echo 'you are auth';
} else {
    echo 'there is no Authorization';
}

On my locale system this returns 'you are auth', on the server 'there is no Authorization'. Tested with Postman app in Chrome browser.

edit 2015-05-14: I think it is an Apache2 topic.

How can i enable the Authorization header in Apache2?

3 answers

solution1
 18  2016-05-14 09:02:28

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

in the .htaccess solves the problem.

But i do not know why this is not necessary on my locale system.

solution2
 1  2021-07-02 07:58:13

As bitkorn suggested, you can add the following to your .htaccess:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

If that doesn't solve your problem, then you can try the following:

RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

However, something that must be mentioned is that if you're using either solution, you must access your header with the HTTP_AUTHORIZATION header. If you try to use Authorization it will be null.

solution3
 0  2022-04-30 08:40:39

Server: Almalinux 8, Panel: WHM/CPANEL;

The reason is apache. Something removes the header. To prevent;

Open httpd.conf

<VirtualHost>
    # ...
    Include "/etc/apache2/conf.d/userdata/*.conf"
    # ...
</VirtualHost>
  • place will be detected by apache. And create a special conf to prevent removed automatically. 
nano /etc/apache2/conf.d/userdata/{username}.conf

Add this line;

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Restart Apache;

service httpd restart

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to enable HTTP request header on Apache 2.4.46 Apache “destroying” Authorization header PHP Apache Authorization Header Get header [Authorization] php/apache Authorization Header missing in Xampp/Apache? HTTP header authorization using PHP Authorization header and apache_request_headers function Authorization HTTP header with ASP.NET Guzzle HTTP - add Authorization header directly into request How to set Authorization HTTP header in Guzzle?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM