diff --git a/doc/httprepos-git.mdtext b/doc/httprepos-git.mdtext index f2d9f7f..388f279 100644 --- a/doc/httprepos-git.mdtext +++ b/doc/httprepos-git.mdtext @@ -29,8 +29,10 @@ to mod_php or similar integrated mechanisms: analogous mechanisms might need to be setup for other http daemons), which passes through the Authorization HTTP Header of a request. - In case of mod_rewrite, the necessary line is: + In case of mod_rewrite, the necessary line is + one of (depending on server configuration): RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] + RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L] - The FastCGI adaptor must allow large requests to be handled by PHP, otherwise push might fail. diff --git a/src/IDF/Scm/Git.php b/src/IDF/Scm/Git.php index 30b74d1..6a085a8 100644 --- a/src/IDF/Scm/Git.php +++ b/src/IDF/Scm/Git.php @@ -927,10 +927,15 @@ class IDF_Scm_Git extends IDF_Scm public function repository($request, $match) { - // authenticate: authenticate connection through "extra" password - if (!empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) + // handle a couple of workarounds for authenticating with FastCGI/PHP + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) + list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + elseif (!empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6))); + elseif (!empty($_SERVER['REDIRECT_REMOTE_USER'])) + list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6))); + // authenticate: authenticate connection through "extra" password if (!empty($_SERVER['PHP_AUTH_USER'])) { $sql = new Pluf_SQL('login=%s', array($_SERVER['PHP_AUTH_USER'])); $users = Pluf::factory('Pluf_User')->getList(array('filter'=>$sql->gen()));