Using PHP’s HTTP auth with Shibboleth

If you have a PHP application that uses the internal auth handling then, so long as it only needs PHP_AUTH_USER and not PHP_AUTH_PW, you can use it with Shibboleth by adding the following to your .htaccess file:

   RewriteEngine on
   RewriteCond %{REMOTE_USER} ^(.+)@[^@]+$
   RewriteRule .? - [E=PHP_AUTH_USER:%1]

This checks for the existence of the standard REMOTE_USER variable (which Shib does properly set) and, if it matches the standard uid@scope format, copies only the user ID portion into PHP_AUTH_USER so as to match how the other HTTP auth mechanisms (Basic, Digest, Kerberos, etc.) populate the value.

Need More Information?

Is OSU Web Hosting right for you? Check your eligibility.

More questions? Check the support section or contact us.

Ready to get started? Request hosting now!