Phil Sturgeon REST_SERVER and Auth |
[eluser]jedre[/eluser]
Hello I try use this rest server: http://github.com/philsturgeon/codeigniter-restserver and when I enable rest_auth in rest.php: Code: $config['rest_auth'] = 'basic'; and set user and password: Code: $config['rest_valid_logins'] = array('admin' => '1234'); You can try: http://ws.wolniak.org/index.php/ksiegarnia/book/id/1 In my localhost everything is OK. EDIT: When I try run this: Example #6 Basic HTTP Authentication example http://php.net/manual/en/features.http-auth.php Window appear again and again...
[eluser]smilie[/eluser]
Hm, hold on... You are mixing two things now. REST has it's own, build in user / auth system. That's: $config['rest_auth'] = 'basic'; and $config['rest_valid_logins'] = array('admin' => '1234'); When connecting to the REST server (API), you need to provide these username and password (provided you are using rest client): $this->load->library('rest', array( 'server' => 'http://localhost/restserver/index.php/example_api/', 'http_user' => 'admin', 'http_pass' => '1234', 'http_auth' => 'basic' // or 'digest' )); That's one part of 'security'. What error do you receive? If it is on same server as HTTP auth (see bellow), then that is the reason :-) ====== Regarding HTTP Auth, that is Apache based security. 99% chance that Apache can not read your httpd password file, hence can not check user / pass. Check apache error log, there should be something like: Can not access "config file". But again, both things have nothing to do with each other :-)
[eluser]Phil Sturgeon[/eluser]
Actually they do smile, a Basic Auth request will spawn a password box just like the Apache/htpass approach. jedre: No idea, that is crazy. Throw up a phpinfo().
[eluser]smilie[/eluser]
Ups :-) I just re-read the info from http://net.tutsplus.com/ but I could not find that it works with httpd (apache) module :/ Do you then need: htpasswd -c file user on the system or...? :S My bad, appologies. Cheers, Smilie
[eluser]Phil Sturgeon[/eluser]
The Basic Auth is nothing to do with htpasswd, it's just some HTTP Headers set by the server that expect a certain response, handled by the browser. No apache magic in there.
[eluser]jedre[/eluser]
The problem occurs when PHP is configured as FastCGI, and affects some servers. I modified the file libraries/REST_Controller.php and now works OK, here is the solution. .htaccess Code: RewriteEngine on Before: Code: // most other servers After: Code: // most other servers My server use REDIRECT_REMOTE_USER not HTTP_AUTHENTICATION. I don't know why, it's important that it works. @phil Sturgeon BTW, Thanks for great REST server and client library.
[eluser]Ritesh Thumar[/eluser]
To Phil Sturgeon hello .. i want to khnow that how can i use code igniter's login module in restserver. i m making one mobile app.and that app is connected with web app;.so in mobile login module when user will enter username and password, that both data will post to my restserver link. at that link i will fetch that data using post method. now i want to check that user is authenticate user or not..for web app i am using code igniter and for xml creation i m using restserver. hop u can understand this.. rply me as soon as poss
[eluser]Unknown[/eluser]
[quote author="jedre" date="1290130711"]The problem occurs when PHP is configured as FastCGI, and affects some servers. I modified the file libraries/REST_Controller.php and now works OK, here is the solution. .htaccess Code: RewriteEngine on Before: Code: // most other servers After: Code: // most other servers My server use REDIRECT_REMOTE_USER not HTTP_AUTHENTICATION. I don't know why, it's important that it works. @phil Sturgeon BTW, Thanks for great REST server and client library.[/quote] Hey just a quick note that might help someone: I tried to change my .htaccess to Code: RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L] but, then I was getting "Not Found" errors. so I modified to Code: RewriteRule ^(.*)$ - [E=REMOTE_USER:%{HTTP:Authorization},L] Thanks for the solution! |
Welcome Guest, Not a member yet? Register Sign In |