从PHP / CakePHP的访问REMOTE_USER [英] Accessing REMOTE_USER from PHP/CakePHP

问题描述

我正在开发使用.htaccess文件CakePHP的一个网站，我刚刚启用VAS验证：

I'm developing a CakePHP site for which I've just enabled VAS authentication using a .htaccess file:

AuthType VAS

AuthVasUseBasic On
AuthVasRemoteUserMap local

Require valid-user

我希望能够找出利用谁是登录 $ _ SERVER ['REMOTE_USER'] ，但我发现钥匙丢失从 $ _ SERVER 结构：所有的有 $ _ SERVER ['REDIRECT_REMOTE_USER'] 。事实上，整个结构是充满键重定向_ preFIX的：

I'd expect to be able to find out who was logged in by using $_SERVER['REMOTE_USER'], but I'm finding that the key is missing from the $_SERVER structure: all that's there is $_SERVER['REDIRECT_REMOTE_USER']. In fact, the whole structure is full of keys with the REDIRECT_ prefix:

echo var_dump($_SERVER);
array(52) {
["REDIRECT_REDIRECT_REDIRECT_SCRIPT_URL"]=>  string(37) "/cake_1_2/feedbacks/edit/6" 
["REDIRECT_REDIRECT_REDIRECT_SCRIPT_URI"]=>  string(55) "http://test/cake_1_2/feedbacks/edit/6"
["REDIRECT_REDIRECT_REDIRECT_STATUS"]=>  string(3) "200" 
["REDIRECT_REDIRECT_SCRIPT_URL"]=>  string(37) "/cake_1_2/feedbacks/edit/6" 
["REDIRECT_REDIRECT_SCRIPT_URI"]=>  string(55) "http://test/cake_1_2/feedbacks/edit/6" 
["REDIRECT_REDIRECT_STATUS"]=>  string(3) "200" 
["REDIRECT_SCRIPT_URL"]=>  string(37) "/cake_1_2/feedbacks/edit/6" 
["REDIRECT_SCRIPT_URI"]=>  string(55) "http://test/cake_1_2/feedbacks/edit/6" 
["REDIRECT_HANDLER"]=>  string(8) "php5-cgi"
["REDIRECT_STATUS"]=>  string(3) "200" 
["SCRIPT_URL"]=>  string(37) ...
["REDIRECT_REMOTE_USER"]=>  string(9) "andygeers"
... 
}

我不能完全肯定这是怎么回事！这是产生第一件事情在POST请求，它不是在这个特别的要求做一个重定向。

I'm not exactly sure what's going on! This is generated first thing in a POST request, and it's not doing a redirect on this particular request.

这是有关CakePHP的，或者只是一个PHP的问题？任何想法是怎么回事？我发现在互联网上颇有几页，现在这表明REDIRECT_REMOTE_USER是正常/共同为找到这个值的地方，但似乎没有人知道为什么！

Is this related to CakePHP, or just a general PHP issue? Any ideas what's going on? I've found quite a few pages on the internet now which suggest REDIRECT_REMOTE_USER is normal/common as a place to find this value, but nobody seems to know why!

推荐答案

Apache是​​添加这些REDIRECT_ prefixes使脚本可以更好地处理发生了什么事。对于我的应用程序，我写了一个函数来处理这个问题。在我而言这是一个类的方法，但你可以很容易地把它变成一个全球性的功能。

Apache is adding those REDIRECT_ prefixes so that scripts can better handle what has happened. For my application I have written a function to deal with this. In my case it's a method on a class, but you can easily turn it into a global function.

class MyClass {
    /** @var integer How deep the redirect layers of Apache go. -1 means not set. */
    private $redirectLevel = -1;

    /**
     * Get an environment variable with all the REDIRECT_ prefixes stripped off
     */
    private function getEnv($var)
    {
    	// Find out how deep the redirect goes
    	if ($this->redirectLevel == -1) {
    		reset($_SERVER);
    		$key = key($_SERVER);
    		$this->redirectLevel = substr_count($key, 'REDIRECT_');
    	}

    	$result = '';
    	$prefix = '';
    	for ($i = 0; $i < $this->redirectLevel + 1; $i++) {
    		if (isset($_SERVER[$prefix . $var])) {
    			$result = $_SERVER[$prefix . $var];
    		}
    		$prefix .= 'REDIRECT_';
    	}
    	return $result;
    }
}

编辑：上面的函数返回一个拥有最REDIRECT_ prefixes，这通常是你想要的变量的内容。如果Apache不会preFIX变量那么这就是你会得到什么。变量的内容可以根据prefixes的数量变化。毕竟，阿帕奇增加了preFIX所以它不会覆盖旧的值。

The above function returns the contents of the variable that has the most REDIRECT_ prefixes, which is usually what you want. If Apache would not prefix the variables then that is what you'd get. The contents of the variables can change depending on the number of prefixes. After all, Apache adds the prefix so it does not overwrite the old value.

例如，在我的网站我使用了mod_ssl做客户端身份验证与客户端的SSL证书。证书主题（包含用户的电子邮件地址）存储在SSL_CLIENT_S_DN变量。与Apache prefixing，这会出来为：

For example, on my site I use mod_ssl to do client authentication with client SSL certificates. The certificate subject (containing the user's e-mail address) is stored in the SSL_CLIENT_S_DN variable. With Apache prefixing, this will come out as:

$_SERVER['REDIRECT_REDIRECT_SSL_CLIENT_S_DN'] // string containing the subject
$_SERVER['REDIRECT_SSL_CLIENT_S_DN'] // exists, but empty
// $_SERVER['SSL_CLIENT_S_DN'] does not exist

我上面写的GETENV（）函数将返回最上面的一个。

The getEnv() function I wrote above will return the top one.

这篇关于从PHP / CakePHP的访问REMOTE_USER的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！