[ipxe-devel] Question about login option
Michael Brown
mbrown at fensystems.co.uk
Fri Aug 17 10:04:27 UTC 2012
On Friday 17 Aug 2012 07:59:23 Jim Antoniou wrote:
> I've dumped the tcp stream on the web server and don't see any indication
> that the username is showing up in it after I hit enter. With the old iPXE
> binary, I see the username show up in the tcp dump.
>
> Ideas on how I might troubleshoot this more? I am grasping at straws right
> now.
I'm pretty sure the offending commit will be
http://git.ipxe.org/ipxe.git/commitdiff/5f2226a
As part of the changes to add support for HTTP DIgest authentication, iPXE now
provides a username and password only if the server actually requests
authentication (i.e. responds with a 401 Unauthorized response).
Try adding the following code (taken from
http://php.net/manual/en/features.http-auth.php) at a suitable place within
your PHP script:
if ( ! isset ( $_SERVER['PHP_AUTH_USER'] ) ) {
header ( 'WWW-Authenticate: Basic realm="My Realm"' );
header ( 'HTTP/1.0 401 Unauthorized' );
exit;
}
That should hopefully make everything work as expected.
To improve security, you might also want to investigate the use of Digest
authentication, since that avoids exposing the plaintext password on the wire.
Michael
More information about the ipxe-devel
mailing list