|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2001-12-16 15:25 UTC] sloetz at web dot de
HTTP: Basic Authentication fails -------------------------------- PHP: 4.1.0 Server API: Apache (1.3.22) OS: Linux 2.4.12 (Debian) The following PHP script should trigger a basic authentication dialog in the client browser (see http://www.zend.com/manual/features.http-auth.php): <?php if(!isset($PHP_AUTH_USER)) { header("WWW-Authenticate: Basic realm=\"MyRealm\""); header("HTTP/1.0 401 Unauthorized"); echo "Text to send if user hits Cancel button\n"; exit; } else { echo "<p>Hello $PHP_AUTH_USER.</p>"; echo "<p>You entered $PHP_AUTH_PW as your password.</p>"; } ?> Under PHP 4.0.6. the script worked fine and the user was prompted for username and password. After the upgrade to PHP 4.1.0. the script does not produce the expected results, but leads to browser errors on the client side in most cases. In rare cases the authentication dialog appears and the script works as expected. Most of the times the browser reports an error message or shows an empty document: Netscape 4.77/Linux: "the document contained no data" Lynx/Linux: "Unexpected network read error; connection aborted." Netscape 4.7/Win2k: "the document contained no data" Netscape 3.0/Win2k: "the document contained no data" IE 6.0/Win2k: "server or dns not found" Opera 5.01/Win2k: "The server requested a login authentication method that is not supported" Opera 6.0 (Beta TP1) / Linux: shows an empty document If examined via telnet, the server closes the connection after the URL with the above script has been requested, e.g. telnet (domain name) 80 GET /auth.php HTTP/1.1 Host: (domain name) -> connection closed by server 16.12.2001 PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Nov 01 06:00:02 2025 UTC |
The problem is not solved in 4.1.1, if the debian package 4.1.1-1 contains the recent bug fixes. If this is the same effect, the error shows up only if safe_mode is On. environment: debian "woody" on Linux finnegan 2.4.17 #11 SMP Fri Dec 28 14:41:15 CET 2001 i686 unknown packages: apache 1.3.22-5, php4 4.1.1-1 test browsers: netscape navigator 4.77, opera 6.0 TP2 Tested with the following script: <?PHP if ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER == "" ) { $aLog = fopen( "/tmp/test.log", "a" ); fputs( $aLog, "noauth\n" ); fclose( $aLog ); Header( "WWW-Authenticate: Basic realm=\"test\"" ); Header( "HTTP/1.0 401 Unauthorized" ); echo "Zugriff nicht gestattet."; exit; } else { $aLog = fopen( "/tmp/test.log", "a" ); fputs( $aLog, "login: $PHP_AUTH_USER:$PHP_AUTH_PW => $bAuth\n" ); fclose( $aLog ); echo "Autorisation: $PHP_AUTH_USER:$PHP_AUTH_PW"; } ?> <html> <head><title>test</title></head> <body><h1>test</h1></body> </html> BTW: the bugs.php.net page seems to suffer from a similar problem. opera seemed to get into a loop for a considerable amount of tries until this page did show up. or am i already seeing ghosts now? ;-)