[mapguide-users] Apache as CGI cannot customize authentication
Daniel Morissette
dmorissette at mapgears.com
Thu Jun 29 08:46:53 EDT 2006
I realize this won't fix the issue completely, but as a workaround, if
you can afford to let Apache handle the user/password validation (i.e.
create a .htaccess and htpasswd file, etc.) then you can get the user
name of the authenticated visitor with the $_SERVER['REMOTE_USER']
variable. This variable works with the PHP CGI.
Daniel
newjim wrote:
> PHP in Apache2 in MapGuide is loaded as a CGI executable, as this line in
> httpd.conf shows:
>
> Action application/x-httpd-php "/php/php-cgi.exe"
>
> However, you cannot customize your authentication unless PHP runs as a
> module, that is, by commenting out this line and replacing it with:
>
> LoadModule php5_module c:/php/php5apache2.dll
>
> When you do that and restart Apache, you can trap the user login and
> password. For example:
> <?php
> if ($_SERVER[PHP_AUTH_USER])
> {
> print "<script language='javascript'>alert('Hello
> $_SERVER[PHP_AUTH_USER]')</script>";
> //unset($_SERVER[PHP_AUTH_USER]);
> }
>
> elseif($_REQUEST['auth'])
> {
> Header("WWW-Authenticate: Basic realm=\"MapGuide Test Site\"");
> Header("HTTP/1.0 401 Unauthorized");
>
> }
> ?>
> <form>
> <input type="submit" name="auth" value= "Authenticate" />
> </form>
>
> However, when you do that you lose the MG functions, which I presume are in
> php_MapGuideApi.dll, such as MgInitializeWebTier
>
> Is there a way that you can make the MG functions available to PHP when you
> load it as a module?
--
Daniel Morissette
http://www.mapgears.com/
More information about the Mapguide_users
mailing list