php - Why are $_SERVER["PHP_AUTH_USER"] and $_SERVER["PHP_AUTH_PW"] not set? -

php - Why are $_SERVER["PHP_AUTH_USER"] and $_SERVER["PHP_AUTH_PW"] not set? -

before begin, i'd point out i've browsed stack overflow , found other similar questions - php_auth_user not set? , http auth via php - php_auth_user not set? - , these have pointed out authentication $_server variables won't set if ''server api'' set ''cgi/fcgi'', checked ''phpinfo()'' output , ''server api'' set ''apache 2.0 handler''.

ok have simple script follows:

<?php echo "username: " . $_server["php_auth_user"] . ", password: " . $_server["php_auth_pw"]; ?>

... calling remotely via following:

wget -v --http-user=johnsmith --http-password=mypassword http://www.example.com/myscript.php

... outputs:

username: , password:

i have tried calling script using php curl , setting authentication parameters appropriately follows:

curl_setopt($ch, curlopt_userpwd, "johnsmith:mypassword");

... same output above.

any thought i'm doing wrong? perhaps there else need enable / configure?

i've discovered reply of help of naktibalda in ##php on irc.freenode.net

the next page summarises issue: http://php.net/manual/en/features.http-auth.php

to quote relevant bits:

as of php 4.3.0, in order prevent writing script reveals password page authenticated through traditional external mechanism, php_auth variables not set if external authentication enabled particular page , safe mode enabled. regardless, remote_user can used identify externally-authenticated user. so, can utilize $_server['remote_user'].

...

php uses presence of authtype directive determine whether external authentication in effect.

php web-services authentication basic-authentication