Remote Auth Not Accepting Username / Password

I’ve followed the instructions on setting up Remote Auth files/downloads but for some reason, when the login-box appears, it will not accept my username and password.

This happens in iTunes (where I have set up an xml file in the protected directory) and when I simply enter a URL to protected file in the browser. For instance something like:

http://www.site.com/?s2member_file_remote=yes&s2member_file_inline=yes&s2member_file_download=testshow1.mp3

I am able to log in with my user name and password to my site, so I know that is OK. It’s just a probilem when it comes to Remote Auth.

Also, I download the s2Member® Server Scanner and everything is coming up OK. Not sure where I’ve gone wrong here. :(

Sorry to keep bumping these thread but really need some help. The whole reason I purchased S2member pro was because of its ability to work with protected files for a membership podcast.

Thank you for reporting this important issue.

I’m very sorry for the delay in response.

Could you send us a Dashboard login so we can take a look at your setup?

See: s2Member® » Private Contact Form

Let us know here when you’ve done that.

Thanks for the reply!

I have submitted the form.

Details Received.

I logged in and I see the problem. I’ll see if I can find the solution.

Investigation Completed.

I talked with Jason (lead developer) about this and we came to the realization that this is an issue with the certain setup you have on your server. For some reason your PHP_AUTH_USER and PHP_AUTH_PW server varibles (which should be set when a User puts in their Username/Password on the prompt) is not being set in PHP. It is, however, being set in Apache, and we found a way to use this to add the values to the $_SERVER array.

To do this I added these two lines to your WordPress .htaccess file:

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

This gives us a PHP $_SERVER variable that contains the information from the prompt. Right now s2Member is not capable of using this variable, so I also added the following code to your s2-hacks.php file to make the use of this variable possible:

function s2hack_remote_auth_write_server_vars() {
	if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) {
		list($name, $password) = explode(':', base64_decode($matches[1]));
		$_SERVER['PHP_AUTH_USER'] = esc_html($name);
		$_SERVER['PHP_AUTH_PW'] = esc_html($password);
	}
	if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
		list($name, $password) = explode(':', base64_decode($matches[1]));
		$_SERVER['PHP_AUTH_USER'] = esc_html($name);
		$_SERVER['PHP_AUTH_PW'] = esc_html($password);
	}
}

add_action('ws_plugin__s2member_during_check_file_remote_authorization_before', 's2hack_remote_auth_write_server_vars');

We will be adding a check for this variable in the next maintenance release of s2Member, at which point you can remove this code from your s2-hacks.php file. You will, however, need to leave the code in your .htaccess file for s2Member to work correctly.

In the future, if another User has this problem as well, you need to put the two lines I put in this User’s main .htaccess file into yours as well.

---

You are now good-to-go.

Thank you so much! It appears to be working! You guys rock!

Not sure what happened, because everything was working and now I’m having the same problem! I can’t remotely download files (it keeps rejecting my username and password)

Doh! Please disregard. I’ve been messing around trying to get the RSS feed working with various podatchers and I locked myself out for failed login attempts.

Heh, it can happen to anyone. Thanks for the update. :)