Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

Welcome to the CollectiveAccess support forum! Here the developers and community answer questions related to use of the software. Please include the following information in every new issue posted here:

  1. Version of the software that is used, along with browser and version

  2. If the issue pertains to Providence, Pawtucket or both

  3. What steps you’ve taken to try to resolve the issue

  4. Screenshots demonstrating the issue

  5. The relevant sections of your installation profile or configuration including the codes and settings defined for your local elements.


If your question pertains to data import or export, please also include:

  1. Data sample

  2. Your mapping


Answers may be delayed for posts that do not include sufficient information.

can't login to web service api

Hello there,

This is the first time I use Collective Access and everything was going well so far... But I'm stuck with the web service API. I just can't login to it using my administrator account (or any other account).
I first tried it with curl:
curl -v -XGET 'http://administrator:pass@mywebsite.com/service.php/auth/login' and it returned a 401 (authentication error)
Then I tried to do it by hand in a browser and the result was the same.
The only way I got a response from the API was to first log into Providence with the administrator account, then access the mywebsite.com/service.php/auth/login. It returns the correct json response. As this works, I suppose the administrator account has the correct permissions (but can't login with http headers?).

Many thanks!

Comments

  • Ok, I've figured out what the problem is and it's actually pretty simple.
    When one call the /auth/login endpoint, the web service API uses the PHP predefined variables $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] to get the user and password from the request's headers. The problem was: those variables were not set in my case. I found out that it was because Apache is running with mod_fcgid on my server and fastCGI remove the login informations from the headers by default (thus does not support basic http authentication).

    Solution: add a .htaccess file in the ca root directory with this single line:

    CGIPassAuth On

    I tried other directives like:

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    and

    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

    And they all works (but the CGIPassAuth directive seems the more up to date fix)

    sources:
    https://support.tigertech.net/php-http-auth
    https://github.com/symfony/symfony/issues/1813
    https://jhtechservices.com/passing-authorization-header-to-php-program-when-fastcgi-php-being-used/

    Hope it will be useful to others!

Sign In or Register to comment.