Jump to content

PHP & .htaccess


Janus13

Recommended Posts

This question could be asked in two different places on the forum so I'm going to post it in both - mods, I hope that's ok.

I'm trying to figure out if it's possible to get PHP and Apache .htaccess to work together to achieve a single sign on.  I have a directory security program I have written to protect directories on apache servers so it's more flexible than just having to manually create password files and us .htaccess.  At the moment I have to have it display two different login boxes. The first one is a php page that has a login form, then compares the form information to a mysql database for authentication.  If successful then it sends the user to the protected directory, and if that directory has a .htaccess file and rule setup for a password file it prompts again for user credentials.  What I want to do is figure out a way to pass the php login information to Apache so it will accept that as login credentials and not prompt the second time.  Is this possible?

Thanks for any help! I can't imagine I'm the first to want to do this, so hopefully someone has some ideas.
Link to comment
Share on other sites

I don't think you are the first, and it can be done the other way around, .htaccess login info can be sent to a php page by using the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] variables.  I'm not sure about the other way though, passing values from php to .htaccess, maybe it's just a case of setting the values of those variables, so when apache looks for them, they're valid.

I'll test it.

Regards
Huggie

[size=8pt][color=red][b]Note:[/b][/color] That didn't work :([/size]
Link to comment
Share on other sites

Ok so to get it to work then you'd have be able to overwrite the the globals for username and password, which as far as I can tell aren't possible.  So is there no way to do a SSO (Single Sign On) for Apache like you can for IIS?? I suppose you'd have to do it without .htaccess, but that's just not as secure, and for what I code for people they don't always know PHP so they can't rely on php security pages..
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.