Jump to content

Archived

This topic is now archived and is closed to further replies.

Janus13

PHP & .htaccess

Recommended Posts

This question could be asked in two different places on the forum so I'm going to post it in both - mods, I hope that's ok.

I'm trying to figure out if it's possible to get PHP and Apache .htaccess to work together to achieve a single sign on.  I have a directory security program I have written to protect directories on apache servers so it's more flexible than just having to manually create password files and us .htaccess.  At the moment I have to have it display two different login boxes. The first one is a php page that has a login form, then compares the form information to a mysql database for authentication.  If successful then it sends the user to the protected directory, and if that directory has a .htaccess file and rule setup for a password file it prompts again for user credentials.  What I want to do is figure out a way to pass the php login information to Apache so it will accept that as login credentials and not prompt the second time.  Is this possible?

Thanks for any help! I can't imagine I'm the first to want to do this, so hopefully someone has some ideas.

Share this post


Link to post
Share on other sites
I don't think you are the first, and it can be done the other way around, .htaccess login info can be sent to a php page by using the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] variables.  I'm not sure about the other way though, passing values from php to .htaccess, maybe it's just a case of setting the values of those variables, so when apache looks for them, they're valid.

I'll test it.

Regards
Huggie

[size=8pt][color=red][b]Note:[/b][/color] That didn't work :([/size]

Share this post


Link to post
Share on other sites
Ok so to get it to work then you'd have be able to overwrite the the globals for username and password, which as far as I can tell aren't possible.  So is there no way to do a SSO (Single Sign On) for Apache like you can for IIS?? I suppose you'd have to do it without .htaccess, but that's just not as secure, and for what I code for people they don't always know PHP so they can't rely on php security pages..

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.