0
votes

Im running cakephp 2.6 and the xamp webserver and im trying to get Digest Auth to work with cakephp.

When i use it keeps asking for the username and password over and over again. Im not sure whats wrong or how to fix this. I havnt found a tutorial on how to use digest auth in cakephp.

Ive followed the guide in cakephp manual;

http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html

App controller;

public $components=array(
'Session',  'Security',
'Auth'=>array(
    'loginRedirect'=>array('controller'=>'users','action'=>'index'),
    'logoutRedirect'=>array('controller'=>'users','action'=>'index'),
    'authError'=>'Access Denied: You are not authorized to view that page.',
    'authorize'=>array('Controller'),       
    'authenticate' => array('Digest')
    )
);

Any ideas whats wrong?

1

1 Answers

0
votes

I have not tried this in a "cake" way, but having this code in my app controller (inside beforeFilter() ) works for me.

        if (!isset($_SERVER['PHP_AUTH_USER'])) {
            header('WWW-Authenticate: Basic realm="Your Realm"');
            header('HTTP/1.0 401 Unauthorized');
            echo 'Ops!! Smth wrong';
            exit;
        } else {
            $hash = 'sha512 hash of your password with cakes salt';
            if ($_SERVER['PHP_AUTH_USER'] == 'your_username' && Security::hash($_SERVER['PHP_AUTH_PW'], 'sha512', true) == $hash) {
                ;
            } else {
                header('WWW-Authenticate: Basic realm="Your Realm"');
                header('HTTP/1.0 401 Unauthorized');
                echo 'Ops!! Smth wrong';
                exit;
            }
        }