In the default configuration the http-header "Authorization" is not passed to the fastcgi server. You could see this behavior in the mod_fastcgi documentation of the apache webserver.
The REST-API of an installation of the Magento webstore software uses oauth. To fullfil the authorization steps they use the "Authorization" header. But this header isn't passed to the php process.
So we've to append '-pass-header Authorization' to the FastCgiExternalServer configuration line to obtain a line like this:
Question
BigD
In the default configuration the http-header "Authorization" is not passed to the fastcgi server. You could see this behavior in the mod_fastcgi documentation of the apache webserver.
The REST-API of an installation of the Magento webstore software uses oauth. To fullfil the authorization steps they use the "Authorization" header. But this header isn't passed to the php process.
So we've to append '-pass-header Authorization' to the FastCgiExternalServer configuration line to obtain a line like this:
FastCgiExternalServer .../fpm.external -socket ../customer-php-fpm.socket -idle-timeout 180 -pass-header Authorization
But I'm not sure if authorization-header passing is enabled we get some security constraints too.
What do you think? Maybe we could open a feature/bug ticket for this case?
Link to comment
Share on other sites
1 answer to this question
Recommended Posts
Archived
This topic is now archived and is closed to further replies.