ZF-12132: Zend_Auth_Adapter_Http basic authentication bug


Zend_Auth_Adapter_Http checks for fix ZF-1515 (line 534) that credentials should be:

$creds = array_filter(explode(':', $auth));

then calls

$password = $this->_basicResolver->resolve($creds[0], $this->_realm);

In Zend_Auth_Adapter_Http_Resolver_File (lines 154 to 162) the file is read splitted by colons. It understans that: $line[0] == $username && $line[1] == $realm && $password = $line[2] but that's not right. The realm is being passed as parameter and the Zend_Auth_Adapter_Http forces that a two parameters file should be used.


Duplicate of ZF-11025