Symfony basic HTTP authentication not working

Question

In a project using Symfony 2.8.14 I am using a very basic setup to enable basic HTTP Authentication in Symfony as described in http://symfony.com/doc/2.8/security.html

security.yml

security:

    encoders:
        Symfony\Component\Security\Core\User\User: plaintext

    providers:
        in_memory:
            memory:
                users:
                    myuser: { password: mypassword, roles: 'ROLE_USER' }

    firewalls:
        default:
            anonymous: ~
            http_basic: ~

    access_control:
        - { path: ^/myroute, roles: ROLE_USER }

When accessing /myroute on my local server I am prompted with the HTTP basic auth prompt. However, after entering the correct credentials, it just keeps showing me the prompt.

On a remote server there will be infinite "redirects" to the same route with a 401 status code after entering the correct credentials.

Both servers are running Apache 2.4 with PHP via FastCGI. There are other threads suggesting to add

# Sets the HTTP_AUTHORIZATION header removed by apache
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

to the /web/.htaccess due to a specific problem with Apache running PHP via FastCGI. However, this is already incorporated into the symfony/standard-edition (and is also present in my .htaccess).

I don't know what else to try.

Answer 1

One of the notes on http://php.net/manual/en/features.http-auth.php suggested adding this:

SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0

That helped. It appears the default .htaccess config of the symfony/standard-edition is not enough (at least in some Environments).