Shopware: htaccess验证在管理员界面中无法工作

huangapple go评论68阅读模式
英文:

Shopware: htaccess authentication not working with adminnistration

问题

我尝试在我的Shopware 6应用程序中设置密码验证,我创建了一个.htpasswd文件,其中包含用户名和哈希密码。

.htpasswd已与.htaccess正确链接,我可以看到提示对话框要求输入用户名/密码组合。

我的public/.htaccess文件:

AuthType Basic
AuthName "受限区域"
AuthUserFile /Path/to/MyDomainSecretDirectory/.htpasswd
require valid-user

问题: 尝试访问/admin时,对话框一直要求输入密码,并返回401错误,尽管密码正确,并在商店页面中有效。可能的问题是什么?

英文:

I'm trying to set a password authentication in my Shopware 6 application, I created a .htpasswd file with the username and a hashed password.

The .htpasswd was linked properly with the .htaccess and it works as I can see the prompt dialog asking for the username/password combination.

My public/.htaccess file:

AuthType Basic
AuthName "restricted area"
AuthUserFile /Path/to/MyDomainSecretDirectory/.htpasswd
require valid-user

The problem: When trying to access the /admin the dialogue box keeps asking for the password and returns a 401 error although the password is fine and works with the storefront.

What could be the problem?

答案1

得分: 1

我找到了解决这个问题的方法。

> 使用Shopware 6,一些商店数据也存在于无法从互联网访问的目录之外。使用经典的.htaccess密码保护设置后,Shopware登录不再起作用。在调用Shopware后台时,会反复要求输入htaccess保护的密码,因此无法登录。

解决方法是取消保护/api端点。只需在.htaccess代码下添加以下代码块:

AuthType Basic
AuthName "受限区域"
AuthUserFile /Path/to/MyDomainSecretDirectory/.htpasswd
require valid-user

# 添加以下行以取消保护/API路由
SetEnvIf Request_URI /api noauth=1
<RequireAny>
Require env noauth
Require env REDIRECT_noauth
Require valid-user
</RequireAny>
英文:

I found the answer to this issue.

> With Shopware 6, some of the shop data is also outside of the
> directory that can be accessed from the Internet. With a classic
> .htaccess password protection setup, the Shopware login no longer
> works. When calling up the Shopware backend, you are repeatedly asked
> for the password for the htaccess protection, making it impossible to
> log in.

The solution here is to unprotect the /api endpoint. Simply add the following code block under the .htaccess code:

AuthType Basic
AuthName "restricted area"
AuthUserFile /Path/to/MyDomainSecretDirectory/.htpasswd
require valid-user

# ADD THESE LINES TO UNPROTECT THE /API ROUTE
SetEnvIf Request_URI /api noauth=1
<RequireAny>
Require env noauth
Require env REDIRECT_noauth
Require valid-user
</RequireAny>

huangapple
  • 本文由 发表于 2023年5月17日 20:03:37
  • 转载请务必保留本文链接:https://go.coder-hub.com/76271891.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定