How to set authorization header using PHP
I am using Basic Authentication apache
, and that sets a header REMOTE_USER
that I check for my permission. I am using a reverse proxy apache
.
ProxyPass /location http://myip:8000/location
ProxyPassReverse /en-US http://myip:8000/location
<Location /location>
AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /home/tomcat/apache/.htpasswd
Require valid-user
RewriteEngine on
RewriteRule .* - [E=RU:%{REMOTE_USER}]
RequestHeader set X-Remote-User %{RU}e
RequestHeader set REMOTE-USER %{REMOTE_USER}s
</Location>
The above solution works fine. But I need to do the same with PHP
. Can I send a php redirect to / location with headers similar to the authentication headers.
I need to authenticate a user with php and after being authenticated, I want to let him login from above proxypass.
source to share
You are looking for a PHP function header
to send headers WWW-Authenticate
and 401
:
header("HTTP/1.1 401 Unauthorized
header("WWW-Authenticate: Basic realm=<YOUR REALM>");
Then use $_SERVER["PHP_AUTH_USER"]
and $_SERVER["PHP_AUTH_PW"]
to enter your username and password.
Combine it all:
<?php
header("HTTP/1.1 401 Unauthorized");
header("WWW-Authenticate: Basic realm=<YOUR REALM>");
if (!($_SERVER["PHP_AUTH_USER"] == $username && $_SERVER["PHP_AUTH_PW"] == $pw))
{
exit("Sorry, you entered the wrong username and password.");
}
?>
source to share