Basic HTTP Auth with FCGI & Rails


#1

Hello,

I have implemented BASIC HTTP AUTHORIZATION in one of my web applications. However, authentication headers (set in the browser during authentication) are not being passed back to my application. (I verify this by looking in request.env for on the HTTP_AUTHORIZATION header – it is always there in my development environment, but never in dreamhost production)

The dreamhost wiki (and other sites such as http://agilewebdevelopment.com/plugins/simple_http_auth) suggest the following rewrite statement in .htaccess to pass headers:

RewriteRule ^(.*)$ dispatch.fcgi [E=X_http_AUTHORIZATION:%{http:AUTHORIZATION},QSA,L]

I’ve replaced by default rewrite with this line, but I don’t see any change. I have inspected the headers in the HTTP response. They don’t appear to include the HTTP_AUTHORIZATION values I am expecting. The headers are being set and sent by my browser. Then they are being dropped by DH somewhere before my rails app gets them. (Apache? fcgi?)

Any ideas to fix (or further troubleshoot)?

Thanks,
-Chris