HTTP Authentication with PHP as CGI

Hi,

I'm just wondering if it is possible to use the php $_SERVER['HTTP_AUTH_*'] when using php as a cgi.

Officially it doesnt seem to be supported, but if there is a way i would love to know.

Thanks,
Muneer

HTTP_AUTH is the old long array vars. The new name is: $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']. Both of which should work in PHP CGI.

Sorry, i meant PHP_AUTH_* ,

And Unfortunately they don't seem to work with php as cgi:
'PHP_AUTH_USER'

When running under Apache or IIS (ISAPI on PHP 5) as module doing HTTP authentication this variable is set to the username provided by the user.

(taken from php website)
Also, from my own script, when using php as a cgi, they were both empty, but after i switched it across to being an apache module, they worked once more.

So does anyone know of another way of accessing HTTP Authentication values using php as a cgi?

Thanks

Interesting...What i read in the books I have said that authentication does not work with cgi, and it was necessary to create your own. I never tested it to see if they were wrong.
Silk

In reply to:
So does anyone know of another way of accessing HTTP Authentication values using php as a cgi?

You can't. PHP has to be an Apache module so it can hook into the reqeust handling process.

The PHP web site has this documented:

http://www.php.net/manual/en/features.http-auth.php

cool Perl / MySQL / HTML CSS

In reply to:
So does anyone know of another way of accessing HTTP Authentication values using php as a cgi?

I'm pretty sure CGI ainta gonna work that way.
However, if you're using the usual Apache ".htaccess" and ".htpasswd" setup, even in CGI mode PHP will give you the user's name in both of "$_SERVER['REMOTE_USER']" and "$_ENV['REMOTE_USER']" global variables even though the AUTH_USER variable isn't set and (obivously) the corresponding password variable isn't available.

Dunno if that'll help ya worth a lick though.

HTTP Authentication with PHP as CGI