The HTTP Authorization request header contains the credentials to authenticate a user agent with a server, usually after the server has responded with a 401 Unauthorized status and the WWW-Authenticate header.
If you are using Apache2, you may notice that the HTTP_AUTHORIZATION is missing from the list of variables sent to you. This is because Apache2 decides to not send clear passwords (even if base64 encoded) across processes.
Continue reading “The HTTP Authentication header is missing”