I am trying to set up very basic digest authentication under / admin in my domain (this is actually a subdomain). I will register the authentication procedure in my bootstrap.php :
protected function _initAdminArea() { //setup protected area $config = array( 'accept_schemes' => 'digest', 'realm' => 'administration', 'digest_domains' => '/admin', 'nonce_timeout' => 3600 ); $authAdapter = new Zend_Auth_Adapter_Http($config); $digestResolver = new Zend_Auth_Adapter_Http_Resolver_File(APPLICATION_PATH . '/../data/admins.txt'); $authAdapter->setDigestResolver($digestResolver); //set storage $storage = new Zend_Auth_Storage_NonPersistent(); Zend_Auth::getInstance()->setStorage($storage); //dispatch auth adapter using plugin $loader = new Zend_Loader_PluginLoader(array('Application_Plugin' => APPLICATION_PATH . '/plugins'), 'auth'); $AdminAuth = $loader->load('AdminAuth'); $auth = new $AdminAuth($authAdapter); //register plugin Zend_Controller_Front::getInstance()->registerPlugin($auth); }
Then I ask the user to log in for each request using the AdminAuth.php plugin:
require_once 'Zend/Auth.php'; require_once 'Zend/Controller/Plugin/Abstract.php'; require_once 'Zend/Auth/Adapter/Interface.php'; class Application_Plugin_AdminAuth extends Zend_Controller_Plugin_Abstract { protected $adapter; public function __construct(Zend_Auth_Adapter_Interface $adapter) { $this->adapter = $adapter; } public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request) { $this->adapter->setRequest($this->_request); $this->adapter->setResponse($this->_response); $result = $this->adapter->authenticate(); if (!$result->isValid()) { echo 'auth failure'; } } }
It seems to be working fine. However, authentication always fails. I checked both client and server MD5 hashes many times and they are correct. This is what admins.txt looks like:
peter:administration:1f7758428f7646706dbdcfe8d754427a
I also tried changing the digest to basic authentication and changing the MD5 hash to plain text. However, authentication still does not work.
When I run the following command in the console:
curl --digest -u peter:password http://sub.domain.com/admin -v
I get the following output:
* About to connect() to sub.domain.com port 80 (#0) * Trying 83.96.149.65... connected * Connected to sub.domain.com (83.96.149.65) port 80 (#0) * Server auth using Digest with user 'peter' > GET /admin HTTP/1.1 > User-Agent: curl/7.21.0 (x86_64-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18 > Host: sub.domain.com > Accept: ** > < HTTP/1.1 401 Authorization Required < Date: Mon, 25 Jul 2011 14:04:38 GMT < Server: Apache/2.2.19 (Unix) < X-Powered-By: PHP/5.2.17 * Authentication problem. Ignoring this. < Www-Authenticate: Digest realm="administration", domain="/admin", nonce="3f624929a274a868c0fc0188a3c49c8e", opaque="d75db7b160fe72d1346d2bd1f67bfd10", algorithm="MD5", qop="auth" < X-Powered-By: PleskLin < Content-Length: 1630 < Connection: close < Content-Type: text/html < auth failure
In particular, the Authentication problem. Ignoring this. Authentication problem. Ignoring this. Does anyone know what could go wrong? I am 100% sure that the provided user credentials are correct (I also checked the capital letters, etc.).