Http Basic Auth issue with Rarst/release-belt
Question
https://github.com/Rarst/release-belt
I have a fresh installation of the above git and my .htaccess in the public folder looks like this:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
CGIPassAuth On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
#SetEnvIfNoCase Authorization "(Bearer .+)" HTTP_AUTHORIZATION=$1
FallbackResource /index.php
What is happening is if I have a set user, the page is refreshing, and throwing the error in the screenshot below. I can then still log in correctly through the web. If I try to use composer to add a package I get access unauthorized even with the auth.json having the correct details. Has anyone else encountered this issue?
1 answers
solution1
1 2022-06-03 21:36:42
I think FastCGI is generally iffy for Http Basic with PHP.
The middleware, that Belt uses to implement it, has following setup recommendation for such case:
By default Apache does not pass credentials to FastCGI process. If you are using mod_fcgi you can configure authorization headers with:
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:9000 -pass-header Authorizationhttps://github.com/tuupola/slim-basic-auth#usage-with-fastcgi
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.