Janus13 Posted October 24, 2006 Share Posted October 24, 2006 This question could be asked in two different places on the forum so I'm going to post it in both - mods, I hope that's ok.I'm trying to figure out if it's possible to get PHP and Apache .htaccess to work together to achieve a single sign on. I have a directory security program I have written to protect directories on apache servers so it's more flexible than just having to manually create password files and us .htaccess. At the moment I have to have it display two different login boxes. The first one is a php page that has a login form, then compares the form information to a mysql database for authentication. If successful then it sends the user to the protected directory, and if that directory has a .htaccess file and rule setup for a password file it prompts again for user credentials. What I want to do is figure out a way to pass the php login information to Apache so it will accept that as login credentials and not prompt the second time. Is this possible?Thanks for any help! I can't imagine I'm the first to want to do this, so hopefully someone has some ideas. Quote Link to comment https://forums.phpfreaks.com/topic/24892-php-htaccess/ Share on other sites More sharing options...
HuggieBear Posted October 24, 2006 Share Posted October 24, 2006 I don't think you are the first, and it can be done the other way around, .htaccess login info can be sent to a php page by using the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] variables. I'm not sure about the other way though, passing values from php to .htaccess, maybe it's just a case of setting the values of those variables, so when apache looks for them, they're valid.I'll test it.RegardsHuggie[size=8pt][color=red][b]Note:[/b][/color] That didn't work :([/size] Quote Link to comment https://forums.phpfreaks.com/topic/24892-php-htaccess/#findComment-113516 Share on other sites More sharing options...
Janus13 Posted October 28, 2006 Author Share Posted October 28, 2006 Ok so to get it to work then you'd have be able to overwrite the the globals for username and password, which as far as I can tell aren't possible. So is there no way to do a SSO (Single Sign On) for Apache like you can for IIS?? I suppose you'd have to do it without .htaccess, but that's just not as secure, and for what I code for people they don't always know PHP so they can't rely on php security pages.. Quote Link to comment https://forums.phpfreaks.com/topic/24892-php-htaccess/#findComment-115676 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.