On Sun, Mar 1, 2020 at 10:07 AM Roderick <hruodr@xxxxxxxxx> wrote: > > > Dear Sirs, > > running a CGI script, in which I myself implement basic > authentication, I miss necessary headers: > > REMOTE_USER > AUTH_TYPE > HTTP_AUTHORIZATION > > According to https://tools.ietf.org/html/rfc3875 the first MUST be passed. > > Is there a way to get these headers? > > I get the last putting in the config file: > > SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 > > But I also need the first header. How to get apache to work like > standard httpd? > > If possible, I want to keep apaches authentication of static pages. If Apache isn't doing basic auth, it can't supply REMOTE_USER to you, because it hasn't authenticated anyone. Similar for AUTH_TYPE -- the server hasn't done any auth. Authorization isn't passed by default intentionally as a typical CGI has no business w/ the users credentials. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|