httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] options of the mod_auth
Date Mon, 15 Mar 2004 19:30:41 GMT

On Mon, 15 Mar 2004, Sergio A Lima Jr wrote:

> Hello.
>     I want to log users in the .htaccess file only redirecting the url
> with the password and user, like:
>         http://user:pass@www.site.com/restrict/
>     This function correctly with many browsers but with the Internet
> Explorer I've got an "Invalid syntax error".
>   What have to do ? if I want to pass the user and password by POST with
> a php script , how can I do that ?

You can't do that.  It was never really supported by the HTTP spec, and
is being removed from many browsers because it is used by spammers and
worms to disguise sites.

Basic auth works ONLY using the browser-based password popup.  If you want
any other kind of control, you need to role your own authorization using
cookies or similar session-management techniques.  Since you are using
php, you should be able to easily impliment the session management using
php features.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message