Question posted in
Some documentation to get you started can be found here.

Symfony & NTLM – Apache header authorization missing

I’m running Symfony 3.4 LTS and I have an issue when I try to use NTLM authentification.

For the record, on my server I get :

  • a wordpress website
  • a TYPO3 website
  • and my new SYMFONY website

The WordPress and Typo3 use NTLM authentification with :

<?php

$headers = apache_request_headers();
// then $headers['Authorization'] contains a big string with all the needed datas

?>

.. but I can’t use this script on Symfony because there is no Authorization header return by the apache_request_headers() function. I made some searches in Stack Overflow but nothing helped me to fix my issue.

I tried :

  • Add new directives in my htaccess : RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] .. and also SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

  • Work with $_SERVER[‘AUTH_USER’] (this var is missing)

  • Use a bundle (the only one I found only runs on Symfony 2.x)
  • Use the Request with $request->headers->all() but the Authorization parameter is still missing

Do you have any idea ?
By the way, I don’t want to edit my vhost file because my 2 other websites work well.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I found a solution. In my code, I added :

    <?php

        if (!isset($headers['Authorization']))
        {
            header('HTTP/1.1 401 Unauthorized');
            header('WWW-Authenticate: NTLM');
            exit;
        }

    .. right after the apache_request_headers() function. Now I got access to the Authorization header.


  2. 0

    I guess you are using php-fpm and not mod_php.

    Are you missung this:

    SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

    in your apache config before the FPM handler?

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search