Each release of Tasks Pro™ and Tasks 2.x up until this point have used 401 (Basic) authentication to secure the RSS Feeds and iCalendars. The main reason for the use of 401 authentication here is because this is what the software that consumes the RSS feeds and iCalendars support for authentication. It’s the right tool for the job and, configured correctly, PHP supports this quite nicely.
Unfortunately, I have to deal with the reality that some server hosts are configured in such a way that this will not work1. My first concession to this was the creation of the Use Tasks service. We have the server all nicely configured already – all you need to do is fill out a little form and bingo – you’re up and running.
Now, some people don’t want to use a hosted service (for a variety of reasons). This led me to start compiling a list of recommended hosts. However (not surprisingly), some people don’t want to change their hosting provider either.
I get e-mails every week from frustrated potential customers, asking what they can do when the 401 authentication test fails on the Server Check script. It’s frustrating to me as well, but I’m stuck with the tools I’ve chosen; and like all tools they have limitations.
Anyway, the point of all this is to say that as of the next pre-release, Tasks Pro™ and Tasks will now be supporting URL based authentication for RSS feeds and iCalendars.
This isn’t an ideal solution, but it is another option that is supported by the RSS and iCalendar software. Hopefully it will be acceptable to some of the potential customers that don’t find any of the other options to their liking.
- Generally due to running PHP as a CGI instead of as an Apache module. [up]
This post is part of the project: Tasks Pro™. View the project timeline for more context on this post.