Jump to content

faking http auth


aunquarra

Recommended Posts

This seems to have been posted in the wrong section. I apologize. I have reposted it under PHP Help. The original post is here:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--][!--sizeo:1--][span style=\"font-size:8pt;line-height:100%\"][!--/sizeo--]Hello all. This is my first post in this particular section, but I'm sure you guys will be as ever-helpful as the other folks have been, and for that, I thank you in advance.

 

Basically, my question is simple: is there a way for my php script to convince apache that an http auth procedure has already taken place?

 

I've built a session-based login system, passing a $_GET session_id() key around from page to page. It works pretty well, and after doing it on four separate sites now, I prefer it to using http auth. The main downside, though, is that with http auth, it's easy to see who is logged in by checking the apache logs (since the username is logged), and I can't do that with this system.

 

So, I'd like to somehow use my html login page rather than the pop-up http auth window, still base the whole login scheme on the mysql/sessions system it's on now, but tell apache that the username is $_SESSION['username'].

 

I've tried manually setting the $_SERVER['PHP_AUTH_USER'] var, etc., but of course, that information doesn't pass on to the next page, much less apache itself.

 

It may not be possible, but if it is, I know someone here will know how to do it. Thanks so much!

[!--sizec--][/span][!--/sizec--]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.