Enabling Remote Header Authorization

This topic contains 2 replies, has 3 voices. Last updated by Jason (Lead Developer) 4 years, 7 months ago.

Topic Author	Topic
Posted: Monday May 21st, 2012 at 4:51 pm #14097
Todd Username: toddhenry
I am attempting to use the s2member Remote Header Authentication for specific files & feeds. I have added the necessary parameters to the URL (&s2member_file_remote=yes). I have tried the suggestions from this topic as well, such as adding “s2member_file_inline=yes”. In the browser — if I am logged in WordPress as a user with the correct capabilities, then the authentication and the download work as they should. However, if I am not logged in to the site and attempt to access the link, it prompts me with the Name/Password box to authenticate. If I enter in the same user information I would use to log into the site, the authentication fails. I have double checked the username/pw and used a few different users. I think the issue might be tied to our server configuration. The Remote Header Auth uses the server variables $_SERVER[“PHP_AUTH_USER”] and $_SERVER[“PHP_AUTH_PW”] to verify the issue. According to a few article I found, if our server runs PHP as CGI then those server variables are not allowed to be set or used. Is there a way, using htaccess or some other workaround, to use the s2member Remote Header Authentication option while still having PHP run as CGI on our server?

Viewing 2 replies - 1 through 2 (of 2 total)

Author	Replies
Author	Replies
Posted: Tuesday May 22nd, 2012 at 9:06 pm #14223
Cristián Lávaque Username: Cristian
Hi Todd. I’ll ask Jason about PHP as CGI. Have you watched this video yet? Video » s2Member® File Downloads (Remote Auth/Podcasting) I hope that helps. :)
Posted: Thursday May 24th, 2012 at 2:08 am #14395
Jason (Lead Developer) Username: Jason
Thanks for bringing this to my attention. I was not aware of this. Thank you. I see there are several workarounds posted here: http://php.net/manual/en/features.http-auth.php I’m adding this to our TODO list, so that we can attempt to create a reliable alternative for this particular scenario. Until then, any feedback that you can provide will be welcome. Regarding the s2Member code that handles this, you might want to have a look at this file/method, if you make an attempt to create a workaround. See: /s2member/includes/classes/files-in.inc.php, starting at line #476, look for static method “check_file_remote_authorization”. ~ This thread will be updated when a workaround is available.

Viewing 2 replies - 1 through 2 (of 2 total)

This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.