ID: 22672
Updated by: [EMAIL PROTECTED]
Reported By: bugzilla at ab dot thatcow dot com
-Status: Assigned
+Status: Closed
Bug Type: Apache2 related
Operating System: SunOS 5.9
PHP Version: 4.3.1
Assigned To: ianh
New Comment:
closing this
Previous Comments:
------------------------------------------------------------------------
[2003-03-17 15:29:57] [EMAIL PROTECTED]
Thanks Andrew.
I've commited your patch into the CVS HEAD.
Jani -- are you ok with this going into 4_3 ?
------------------------------------------------------------------------
[2003-03-14 10:01:10] [EMAIL PROTECTED]
[To: Ian] Always set the status also to 'Assigned'
------------------------------------------------------------------------
[2003-03-13 23:18:37] [EMAIL PROTECTED]
Hi.
Can you mail me some php script which does user-authentication. so I
can test the patch.
I want to verify it works if a user does user-authentication via apache
before I commit it.
TIA
Ian
------------------------------------------------------------------------
[2003-03-13 03:11:31] bugzilla at ab dot thatcow dot com
I send headers through PHP to force authentication. Under apache1.3,
the username would show up properly under my combined logs - under
apache2.0.44, I always see "-". The folks over at Apache (see their bug
#8500) suggest PHP needs to be setting user in the request structure.
I've add one line in php_apache_request_ctor() in sapi_apache2.c to set
this. This hack is fairly ignorant of the internals of both php and
apache, but here it is anyway. Do with as you wish. Forgive the
formatting here if it doesn't come out right.
<pre>
if (!PG(safe_mode)) {
auth = apr_table_get(f->r->headers_in,
"Authorization");
php_handle_auth_data(auth TSRMLS_CC);
+ ctx->r->user =
apr_pstrdup(ctx->r->pool,SG(request_info).auth_user);
} else {
SG(request_info).auth_user = NULL;
SG(request_info).auth_password = NULL;
</pre>
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=22672&edit=1
