CakePHP 2.3.2 Basic Auth not working

Tags: cakephp, basic-authentication, cakephp-2.3

I tried the "Simple Acl controlled Application 1 and 2" tutorial.

After finishing it, I tried to activate BasicAuth instead of FormAuth.

I re-implemented the login() function in my UsersController as follows:

public function login() {
    if ($this->Auth->login()) {
        return $this->redirect($this->Auth->redirect());
    } else {
        $this->Session->setFlash('Not able to login');
    }
}
and changed the $components variable in my AppController to:

public $components = array(
    'Acl',
    'Auth' => array(
        'authorize' => array(
            'Actions' => array('actionPath' => 'controllers')
        ),
        'authenticate' => array('Basic')
    ),
    'DebugKit.Toolbar',
    'Session'
);
The BasicAuth "popup" appears as expected, but when I try to log in it is shown again in an endless loop. After finishing the tutorial I did not change anything, apart from including DebugKit.

What am I missing? I hope someone can help me, because I would like to write my next project in CakePHP.

Update

AppController

public function beforeFilter() {
    //Configure AuthComponent
    $this->Auth->allow('display');
    $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
    $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
    $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
}

UsersController

public function beforeFilter() {
    parent::beforeFilter();
}

I am trying to access, for example, /users/, which works like a charm with the FormAuth described in the tutorial, so there is no permissions problem. The login data is very simple for testing (admin:admin), so that should not be a problem either.

Update 2

In my Apache log I get the following, so it says I am not authorized:

IP - - [16/Apr/2013:18:08:37 +0200] "GET /users/login HTTP/1.0" 401 5179 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:23.0) Gecko/20130414 Firefox/23.0"

Update 3

For some reason the user and password seem either not to be sent or not to be stored in PHP. If I rewrite /lib/Cake/Controller/Auth/BasicAuthenticate to the following, it works:

public function authenticate(CakeRequest $request, CakeResponse $response) {
    // Debugging hack: force the credentials instead of reading them from the request
    $_SERVER['PHP_AUTH_USER'] = $_SERVER['PHP_AUTH_PW'] = "admin";
    $result = $this->getUser($request);

    if (empty($result)) {
        $response->header($this->loginHeaders());
        $response->statusCode(401);
        $response->send();
        return false;
    }
    return $result;
}
Update 4

Not sure whether this helps, but the server is running Plesk 11 with the latest updates and no special modifications.

Update 5

OK, the answer from "thaJeztah" was helpful, but now I have more problems, which can be broken down as follows:

  • Changing the mode from fcgid to the Apache module

    1.1. leads to a working login, but logout does not work! After the redirect the session seems to be cleared, but I can still access every restricted page until I clear what Firefox calls "active logins" in the browser.

  • When I visit /users/login I am logged in and redirected automatically, without having to enter login credentials.

    I just don't believe this will be consistent, because I believe the session data will be deleted at some point while the browser still holds the active admin login and authenticates with it. Am I right?

    After that I can use
    http://admin:admin@my.domain/users/login
    . Not perfect, but at least it works for Firefox.

    So basically the last question is: any suggestions on how to force BasicAuth when accessing
    /users/login
    ? That way I could easily switch users at any time with any client.

Update 7

I found a way to do this using the ideas from my accepted answer. I hope I caught all the edge cases; if not, feel free to correct me.

(Note: when using ACL and/or Basic auth, at least isAuthorized() in the AppController seems to be ignored (it is recognised but has no effect: when I removed the method without changing $components I got an error), which led me to implement this without using isAuthorized().)

AppController.php

public function beforeFilter() {
    parent::beforeFilter(false);
}
    
UsersController.php

public function beforeFilter() {
    parent::beforeFilter(false);
}

public function login() {
    $this->autoRender = false;
    // Every visit to /users/login forces a fresh Basic auth round trip.
    $this->Session->write('Auth.needs_reauthenticate', true);
    // Count the requests of the current round trip: 1 = first hit, 2 = retry carrying credentials.
    if (!$this->Session->check('Auth.count')) {
        $count = 1;
    } else {
        $count = $this->Session->read('Auth.count') + 1;
    }
    $this->Session->write('Auth.count', $count);

    if ($this->Session->read('Auth.needs_reauthenticate')) {
        // Challenge on the first hit even if the browser already sent cached credentials
        // (so that it prompts again), and whenever no challenge has been sent yet.
        if ((isset($_SERVER['HTTP_AUTHORIZATION']) && $this->Session->read('Auth.count') == 1)
            || (!isset($_SERVER['HTTP_AUTHORIZATION']) || empty($_SERVER['HTTP_AUTHORIZATION'])
                || !$this->Session->check('Auth.sent_header_step') || $this->Session->read('Auth.sent_header_step') < 1)) {
            unset($_SERVER['HTTP_AUTHORIZATION']);
            // Remember the target page before logout() below clears Auth.redirect.
            $this->Session->write('Auth.redirectTo', $this->Auth->redirect());

            $this->response->header(sprintf('WWW-Authenticate: Basic realm="%s"', env('SERVER_NAME')));
            $this->response->statusCode(401);
            $this->response->send();

            $this->Session->write('Auth.sent_header_step', 1);
        }

        // Credentials arrived as a raw Authorization header (fcgid/CGI style).
        if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
            $this->Session->write('Auth.sent_header_step', 0);
            // Decoded "user:password"; an empty string or a trailing ":" (empty password) is rejected.
            // The decoded value is only checked here, it is not copied into PHP_AUTH_USER/PHP_AUTH_PW.
            $base64string = base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6));
            if (!(strlen($base64string) > 1 && substr($base64string, -1, 1) != ":")) {
                $_SERVER['PHP_AUTH_USER'] = "";
                $_SERVER['PHP_AUTH_PW'] = "";
            }

            $data = true;
        }

        // Drop the user currently stored in the session so that a different user can log in.
        $this->Auth->logout();

        if (isset($data) && $this->Session->read('Auth.count') > 1) {
            if ($this->Auth->login()) {
                $this->Session->write('Auth.needs_reauthenticate', false);
                if ($this->Session->check('Auth.redirectTo')) {
                    $redirectTo = $this->Session->read('Auth.redirectTo');
                    $this->Session->delete('Auth.redirectTo');
                    $this->Session->delete('Auth.count');

                    return $this->redirect($redirectTo);
                } else {
                    return $this->redirect($this->Auth->redirect());
                }
            } else {
                $this->response->statusCode(403);
                // my 403 message
            }
        } else {
            // mod_php case: Apache has already turned the header into PHP_AUTH_USER / PHP_AUTH_PW.
            if (!isset($_SERVER['HTTP_AUTHORIZATION']) && $this->Session->read('Auth.count') > 1
                && isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])
                && trim($_SERVER['PHP_AUTH_USER']) != "" && trim($_SERVER['PHP_AUTH_PW']) != "") {
                if ($this->Auth->login()) {
                    $this->Session->write('Auth.needs_reauthenticate', false);
                    if ($this->Session->check('Auth.redirectTo')) {
                        $redirectTo = $this->Session->read('Auth.redirectTo');
                        $this->Session->delete('Auth.redirectTo');
                        $this->Session->delete('Auth.count');

                        unset($_SERVER['HTTP_AUTHORIZATION']);
                        unset($_SERVER['PHP_AUTH_USER']);
                        unset($_SERVER['PHP_AUTH_PW']);
                        return $this->redirect($redirectTo);
                    } else {
                        return $this->redirect($this->Auth->redirect());
                    }
                } else {
                    $this->response->statusCode(403);
                    // my 403 message
                }
            }

            $this->response->statusCode(403);
            // my 403 message
        }
    }
}

if ("usercredentials sent by browser" === "current logged in user in session") {
    // Mark session as 'needs-to-reauthenticate'
    $this->Session->write('Auth.needs_reauthenticate', true);

    // Need to find a clean approach to get the BasicAuth loginHeaders()
    // *including* the right settings (realm)
    $this->response->header(/*BasicAuth::loginHeaders()*/);

    // Access denied status
    $this->response->statusCode(401);
    return $this->response->send();
}
    
    
public function isAuthorized($user = null) {
    if ($this->Session->read('Auth.needs_reauthenticate')) {
        return false;
    } else {
        // Normal 'isAuthorized()' checks here
    }
}
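An added example, not code from the question or from CakePHP itself, for the two weak spots in the thread above: the fcgid case from Update 3, where PHP_AUTH_USER and PHP_AUTH_PW never reach PHP, and the hand-rolled header decoding in the login() above, which only looks at the last character of the decoded string. It assumes the stock CakePHP 2.3 BasicAuthenticate class (getUser(), _findUser(), loginHeaders()) and an Apache rewrite rule `RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]` in .htaccess that copies the Authorization header into the CGI environment; the class name HeaderBasicAuthenticate, its file path and the config key 'HeaderBasic' are my own choices. Registering it as 'authenticate' => array('HeaderBasic') in AppController replaces the 'Basic' entry from the question.

```php
<?php
// Added example: app/Controller/Component/Auth/HeaderBasicAuthenticate.php (hypothetical file).
// Relies on an .htaccess rule copying the header into the environment under fcgid/CGI:
//   RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
App::uses('BasicAuthenticate', 'Controller/Component/Auth');

class HeaderBasicAuthenticate extends BasicAuthenticate {

/**
 * Parse the value of an RFC 7617 "Basic" Authorization header.
 *
 * Returns array($user, $password), or null when the header is missing, uses
 * another scheme, is not valid base64, or carries no user-id. The split is on
 * the FIRST colon only: a user-id cannot contain ':' but a password may, so
 * "user:pa:ss" yields the password "pa:ss". An empty password comes back as ""
 * and is rejected by getUser(), never passed to the database lookup.
 */
	public static function parseHeader($header) {
		if (!is_string($header)) {
			return null;
		}
		// Scheme names are case-insensitive; anything other than Basic is ignored.
		if (!preg_match('/^\s*Basic\s+([A-Za-z0-9+\/=]+)\s*$/i', $header, $m)) {
			return null;
		}
		$decoded = base64_decode($m[1], true); // strict mode: stray characters => false
		if ($decoded === false || strpos($decoded, ':') === false) {
			return null;
		}
		list($user, $pass) = explode(':', $decoded, 2);
		if ($user === '') {
			return null;
		}
		return array($user, $pass);
	}

/**
 * Same contract as BasicAuthenticate::getUser(): take the credentials the SAPI
 * already parsed (mod_php) and otherwise fall back to the copied header. Apache
 * prefixes the variable with REDIRECT_ on some setups, so both names are tried.
 */
	public function getUser(CakeRequest $request) {
		$username = env('PHP_AUTH_USER');
		$pass = env('PHP_AUTH_PW');
		if ($username === null || $username === '') {
			$header = env('HTTP_AUTHORIZATION');
			if ($header === null || $header === '') {
				$header = env('REDIRECT_HTTP_AUTHORIZATION');
			}
			$parsed = self::parseHeader($header);
			if ($parsed === null) {
				return false; // authenticate() will answer with loginHeaders() and 401
			}
			list($username, $pass) = $parsed;
		}
		if ($username === '' || $pass === null || $pass === '') {
			return false;
		}
		return $this->_findUser($username, $pass);
	}
}
```

The points that matter security-wise are the strict base64 decode (a malformed token fails instead of decoding to garbage that then hits the users table), matching the scheme rather than blindly skipping six characters, and splitting on the first colon so a password containing ':' is not truncated. Note that this does not change the logout problem from Update 5: Basic is stateless and the browser keeps replaying the credentials, so the only server-side way to end access is to stop accepting the session (the needs_reauthenticate flag above) and to answer with a 401 and the same realm when a new login is wanted.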