Why are $_SERVER[PHP_AUTH_USER] and $_SERVER[PHP_AUTH_PW] not set?
I've finally discovered the answer thanks to the of help of Naktibalda in ##php on irc.freenode.net
The following page summarises the issue: http://php.net/manual/en/features.http-auth.php
To quote the relevant bits:
As of PHP 4.3.0, in order to prevent someone from writing a script which reveals the password for a page that was authenticated through a traditional external mechanism, the PHP_AUTH variables will not be set if external authentication is enabled for that particular page and safe mode is enabled. Regardless, REMOTE_USER can be used to identify the externally-authenticated user. So, you can use $_SERVER['REMOTE_USER'].
...
PHP uses the presence of an AuthType directive to determine whether external authentication is in effect.
$_SERVER['PHP_AUTH_USER'] is empty
I finally found the answer thanks to 'mbinette'.
In my PHP configuration, the handler of PHP 5 was CGI, and this type of authentication doesn't work with PHP CGI. So i changed it to suPHP (which is supposed to be the default one on APACHE).
Find here a post explaining a way to use CGI and PHP_AUTH, but i tried and it wasn't working.
Find here some explanations about php handlers
HTTP Auth via PHP - PHP_AUTH_USER not set?
Run phpinfo(). if "Server API" is CGI/FCGI, you can pretty much forget it as there is no sensible way to use HTTP auth from PHP.
$_SERVER['PHP_AUTH_USER'] empty
<script src="http://www.webtoolkit.info/djs/webtoolkit.base64.js"></script>
<script>
var xhr = Ti.Network.createHTTPClient();
xhr.timeout = 1000000;
xhr.onreadystatechange = function() {
if (xhr.readyState != 4) return;
alert('Server said: '+xhr.responseText);
};
xhr.open('GET', 'http://myapi.com/test', false);
xhr.setRequestHeader('Authorization', 'Basic ' + Base64.encode('user:pass') );
xhr.send('');
</script>
(For the sake of courtesy, you should download webtoolkit.base64.js and serve it from your own server.)
Keep in mind that you can't do cross-domain requests with XHR; your JavaScript and PHP have to be served from the same domain.
Related Topics
Parse Timezone Int to String (Timezone Name) (Facebook API)
Send Email with a Template Using PHP
Cannot Pass Null Argument When Using Type Hinting
How to Design a Hierarchical Role Based Access Control System
How to Run Composer from Anywhere
How to Retrieve Youtube Video Details from Video Url Using PHP
Forbidden :You Don't Have Permission to Access /Phpmyadmin on This Server
How to Get PHPunit Mockobjects to Return Different Values Based on a Parameter
Laravel Use Same Form for Create and Edit
Update Xampp from Maria Db 10.1 to 10.2
"Error 404 Not Found" in Magento Admin Login Page
Isset() Function Is Returning True Even When Item Is Not Set
PHP Error: "The Zip Extension and Unzip Command Are Both Missing, Skipping."
How to Write to the Console from a Laravel Controller
Best Way to Document Array Options in PHPdoc