Support » Plugin: Atom Publishing Protocol » does not work with cgi, solution found

  • The plugin doesn’t function in a cgi environment. After deleting the 3.4 AtomPub files, I was getting 401 Unauthorized errors (even though it was working fine in the old implementation under WP 3.4). The authentication wasn’t properly being sent to the file after the rewrite. I had to do two things:

    Change .htaccess from
    RewriteRule . /index.php [L]
    RewriteRule . /index.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

    change class-wp-atom-server.php authenticate() to:

    function authenticate() {
    		// if using mod_rewrite/ENV hack
    		if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
    			list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
    				explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
    		} else if (isset($_SERVER['REDIRECT_REMOTE_USER'])) {
          //is this even possible now?
    			// Workaround for setups that do not forward HTTP_AUTHORIZATION
    			// See
    			list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
    				explode(':', base64_decode(substr($_SERVER['REDIRECT_REMOTE_USER'], 6)));
    		} else if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
    			//because wpapp.php is virtual, the name of the server var has changed
    			list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
    				explode(':', base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
    		// If Basic Auth is working...
    		if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
    			$user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    			if ( $user && !is_wp_error($user) ) {
    				return true;
    		return false;

    I tired to commit this to the svn, but I’m not really sure how this process works.


  • The topic ‘does not work with cgi, solution found’ is closed to new replies.