Lighttpd HTTP Authentication with PHP-FastCGI works

Something I noticed quite a while ago is that HTTP authentication hooks in PHP actually work with Lighttpd’s FastCGI implementation.

One of the general “problems” with PHP-CGI (fast or not) is that the HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence not available in the CGI version. This does cause a problem with some scripts (for example, password protected pages in Textpattern, and authentication of RSS Feeds and iCalendar with Alex Kings’s Tasks).

But fastCGI has always had 

--pass-header header
The name of an HTTP Request Header to be passed in the
request environment. This option makes available the contents
of headers which are normally not available (e.g. Authorization)
to a CGI environment.

as a config switch. The problem though is that I’ve never seen it work with Apache2, mod_fastcgi and a PHP version since … 4.3.2 ( I think … something like that).

You can always tell when someone gets their FastCGI implementation right because HTTP Auth works.

Lightty’s implementation turns out to work great. Try the generic check (put whatever you want in as user and password, the fact that it even passes you through is the point) and Alex’s server_check.php (click on the Run Test button under #4).

Good job lightty. Good job.

·:· Posted 23 May 2005, 08:10 by Jason Hoffman to Lighttpd  |