[Connect with API not possible - HTTP 401 Unauthenticated.]

  In a web from one of my customers I changed for testing purposes the pass_authorizationheader` to `1` in the froxlor database.

In the virtual host.conf I can see now the option

FcgidPassHeader     Authorization

see:

<VirtualHost 185.184.215.113:80>
  ServerName latina-halle.de
  ServerAlias www.latina-halle.de
  ServerAdmin +++++++++++++++++
  DocumentRoot "/var/customers/webs/latina"
  FcgidIdleTimeout 30
  FcgidPassHeader     Authorization
  SuexecUserGroup "latina" "latina"
  <Directory "/var/customers/webs/latina/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/latina/latina-halle.de/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  Alias /awstats "/var/customers/webs/latina/awstats/latina-halle.de"
  Alias /awstats-icon "/usr/share/awstats/icon/"
  LogLevel warn
  ErrorLog "/var/customers/logs/latina-error.log"
  CustomLog "/var/customers/logs/latina-access.log" combined
</VirtualHost>

When I look for this option in vhost-config for froxlor in the /etc/apache2/sites-enabled I find nothing.

 

[Connect with API not possible - HTTP 401 Unauthenticated.]

52 minutes ago, d00p said:

And this diff should fix the issue that the value is not stored when using FCGID:

 

diff --git a/lib/Froxlor/Api/Commands/PhpSettings.php b/lib/Froxlor/Api/Commands/PhpSettings.php
index 588c04a6..d53cf075 100644
--- a/lib/Froxlor/Api/Commands/PhpSettings.php
+++ b/lib/Froxlor/Api/Commands/PhpSettings.php
@@ -312,7 +312,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity
                                $fpm_enableslowlog = 0;
                                $fpm_reqtermtimeout = 0;
                                $fpm_reqslowtimeout = 0;
-                               $fpm_pass_authorizationheader = 0;
                                $override_fpmconfig = 0;
                        } elseif (Settings::Get('phpfpm.enabled') == 1) {
                                $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true);
@@ -548,7 +547,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity
                                $fpm_enableslowlog = 0;
                                $fpm_reqtermtimeout = 0;
                                $fpm_reqslowtimeout = 0;
-                               $fpm_pass_authorizationheader = 0;
                                $override_fpmconfig = 0;
                        } elseif (Settings::Get('phpfpm.enabled') == 1) {
                                $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true);

 

Unfortunately authentication does not work. Do you now in which file the config-data will be written for FCGI on apache24 for the froxlor host?

[Connect with API not possible - HTTP 401 Unauthenticated.]

36 minutes ago, d00p said:

Just tested that on the demo...it really seems not be saved, need to check, for now (if you want to continue api testing) just set value of the field `pass_authorizationheader` to `1` in the table `panel_phpconfigs` and force the cronjob manually to regenerate configs

This worked for me! See now the switch on in froxlor php config!

[Connect with API not possible - HTTP 401 Unauthenticated.]

11 minutes ago, d00p said:

And this diff should fix the issue that the value is not stored when using FCGID:

 

diff --git a/lib/Froxlor/Api/Commands/PhpSettings.php b/lib/Froxlor/Api/Commands/PhpSettings.php
index 588c04a6..d53cf075 100644
--- a/lib/Froxlor/Api/Commands/PhpSettings.php
+++ b/lib/Froxlor/Api/Commands/PhpSettings.php
@@ -312,7 +312,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity
                                $fpm_enableslowlog = 0;
                                $fpm_reqtermtimeout = 0;
                                $fpm_reqslowtimeout = 0;
-                               $fpm_pass_authorizationheader = 0;
                                $override_fpmconfig = 0;
                        } elseif (Settings::Get('phpfpm.enabled') == 1) {
                                $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true);
@@ -548,7 +547,6 @@ class PhpSettings extends ApiCommand implements ResourceEntity
                                $fpm_enableslowlog = 0;
                                $fpm_reqtermtimeout = 0;
                                $fpm_reqslowtimeout = 0;
-                               $fpm_pass_authorizationheader = 0;
                                $override_fpmconfig = 0;
                        } elseif (Settings::Get('phpfpm.enabled') == 1) {
                                $fpm_reqtermtimeout = Validate::validate($fpm_reqtermtimeout, 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/', '', [], true);

 

Your support is a dream!!! Many, thanks!!! I want to send you money for your unbelievable quick response. Where I shopuld transfer it!

[Connect with API not possible - HTTP 401 Unauthenticated.]

2 hours ago, d00p said:

Can't tell without more details. I've never had any issues setting this option and using it. 

I made intensive tests to narrow down the problem. Here my results.

I went to php, php configs and used one config. I changed the switch of "Übergeben von HTTP AUTH BASIC/DIGEST-Headern von Apache an PHP" to on and saved. I called this configuration, and the switch was off. I checked the same with "Für aktuelle Kunden automatisch hinzufügen". Switch stays off. I changed other information in the php.ini Einstellungen: they correctly saved.

I checked this with other php configurations. Same behavior. I used other Browser (instead of Firefox, Chrome) I checked it on other computer. Same behavior. From my point of you, it has to do with the Switch on/off elememt. So I checked next the behavior of the switch in "Domain bearbeiten". There switches work like expected.

So for me it means, the switches on the PHP-Config page are the reason of the problem. I have no idea why. I will investigate the problem further with clientsite debugging. Maybe you can give me on basis of this information another hint. I would great appreciate your help.

[Connect with API not possible - HTTP 401 Unauthenticated.]

38 minutes ago, d00p said:

so, even for FCGID there's "Passing HTTP AUTH BASIC/DIGEST headers from Apache to PHP" for each php-option. Validate that the froxlor vhost php-config has this flag enabled

Sorry I must disturb you once more. I switch "Übergeben von HTTP AUTH BASIC/DIGEST-Headern von Apache an PHP " rto on, save. After saving I open config and switch is off!. I am lost. Why I can't switch this option to on?

[Connect with API not possible - HTTP 401 Unauthenticated.]

28 minutes ago, d00p said:

so, even for FCGID there's "Passing HTTP AUTH BASIC/DIGEST headers from Apache to PHP" for each php-option. Validate that the froxlor vhost php-config has this flag enabled

This was really helpful. I didn't know this option. I hope I come now a little bit further. Many thanks for your immediate help. Maybe it helps, if you give this hint in the API-documentation.

Now it looks so:

[Connect with API not possible - HTTP 401 Unauthenticated.]

24 minutes ago, d00p said:

https://docs.froxlor.org/latest/api-guide/

NOTE

If you are using php-fpm with apache2, in order for the API authentication to work properly, you need to enable Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts in the PHP-configuration assigned to froxlor.

I use FCGI.

[Connect with API not possible - HTTP 401 Unauthenticated.]

I need a little hint. I want to use the Froxlor API. For testing purposes I used the cURL-sample and the PHP sample. Nothing works. I get only the error: Unauthenticated. Please provide api user credentials. API Access is allowed and the key/secret pair is created and will be used in the sample code.

Where is my mistake?

Many thanks for your help.