There is also some additional configuration to make authentication works with apache, it’s explained in another thread here: Cannot get passwords on the Android App - #9 by rkk
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]