[google-appengine] Authenticating Users with HTTP Authentication in PHP

Mon, 30 Mar 2015 04:06:08 -0700 

Hello,

I'm hoping to have a "members only" section of my appspot page, but am 
hoping to use instead of authenticating with Google credentials.  I was 
hoping to use HTTP Authentication with PHP, but am having trouble.  I found 
that the PHP global variable 'PHP_AUTH_USER' is not set after submitting 
authentication credentials, making the authentication pop-up come back up 
until I hit "cancel".  You can see an example of this page here: 
http://xmountwashington.appspot.com/cscTesting.php and the php code behind 
it below.

if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="Please enter your email in the 
username box and member ID in the password box"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Login credentials required for this Premium Content page.';
    exit;
} else {
    //Verify that the user has the proper credentials
}

I've heard if you have the CGI version of PHP running, this type of user 
authentication won't work too easily.  According to the manual:

In order to get HTTP Authentication to work using IIS server with the CGI 
> version of PHP you must edit your IIS configuration "*Directory Security*". 
> Click on "*Edit*" and only check "*Anonymous Access*", all other fields 
> should be left unchecked.
>

Does GAE PHP automatically run in CGI mode?  How can I get HTTP 
authentication working in GAE?  More generally, is there an easier way to 
authenticate users with a username/password table in MySQL than to use HTTP 
Authentication?

Thank you,
Mike

-- 
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to google-appengine+unsubscr...@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.
Visit this group at http://groups.google.com/group/google-appengine.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/google-appengine/259040db-c766-4b17-97ba-0108fa86edae%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to