2.4的Apache + PHP-FPM和授权头 [英] Apache 2.4 + PHP-FPM and Authorization headers

问题描述

摘要：
阿帕奇2.4的mod_proxy似乎并没有被路过的授权标头PHP-FPM。有什么办法解决这一问题？

Summary: Apache 2.4's mod_proxy does not seem to be passing the Authorization headers to PHP-FPM. Is there any way to fix this?

龙版本：
我运行一个服务器与Apache 2.4和PHP-FPM。我使用APC为两个运code缓存和用户缓存。所推荐的互联网，我使用Apache 2.4的mod_proxy_fcgi代理请求到FPM，像这样的：

Long version: I am running a server with Apache 2.4 and PHP-FPM. I am using APC for both opcode caching and user caching. As recommended by the Internet, I am using Apache 2.4's mod_proxy_fcgi to proxy the requests to FPM, like this:

ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/foo/bar/$1

的设置工作正常，但一件事：APC的捆绑apc.php，用于监视APC的状况不允许我登录（用于查看用户的高速缓存条目需要）。当我点击用户缓存条目看到用户缓存，它要求我登录，点击登录按钮会显示常用的HTTP登录表单，但输入正确的用户名和密码的产量没有成功。与mod_php，并且代替的mod_proxy + PHP-FPM运行时，此功能可以正常使用。

The setup works fine, except one thing: APC's bundled apc.php, used to monitor the status of APC does not allow me to log in (required for looking at user cache entries). When I click "User cache entries" to see the user cache, it asks me to log in, clicking on the login button displays the usual HTTP login form, but entering the correct login and password yields no success. This function is working perfectly when running with mod_php instead of mod_proxy + php-fpm.

一些google搜索后，我发现其他人有同样的问题，并想通了，这是因为Apache没有经过授权的HTTP标头外部FastCGI进程。不幸的是我只找到了一个的mod_fastcgi修复，它是这样的：

After some googling I found that other people had the same issue and figured out that it was because Apache was not passing the Authorization HTTP headers to the external FastCgi process. Unfortunately I only found a fix for mod_fastcgi, which looked like this:

FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:9000 -pass-header Authorization

时有一个相当于设置或一些解决办法也将与mod_proxy_fcgi工作？

Is there an equivalent setting or some workaround which would also work with mod_proxy_fcgi?

推荐答案

各种Apache模块将去掉授权头，通常是安全原因。他们都有不同的晦涩的设置，你可以调整否决这种行为，但你需要确定到底哪个模块是难辞其咎的。

Various Apache modules will strip the Authorization header, usually for "security reasons". They all have different obscure settings you can tweak to overrule this behaviour, but you'll need to determine exactly which module is to blame.

您可以解决此问题通过经ENV直接传递的头PHP：

You can work around this issue by passing the header directly to PHP via the env:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

另请参阅 Zend服务器的Windows - 授权头不会传递到PHP脚本

这篇关于2.4的Apache + PHP-FPM和授权头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！