httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: [users@httpd] HTTP auth and custom login pages
Date Tue, 31 Jan 2006 00:35:55 GMT
On Monday 30 January 2006 23:37, Andy Moran wrote:
> We have a bunch of folders protected by  htaccess valid-user directives,
> but management has decided that they want a nice login page rather than
> the browser prompting for a username and password.
>
> Is it possible to create a form page that then sends the auth
> information to apache via POST or some such?     I'd hate to have to
> come up with an entirely new authentication scheme.  .htaccess files are
> so damn convenient.

Yes, but ...

You can use other means of authentication - cookies are easiest,
but will of course fail on users with high privacy/security settings.
URL Session variables are another option.

But you won't get security that way.  How much does that matter?
(OTOH, if what you use now is basic authentication, it won't be
much difference).

But why .htaccess?  As soon as you enable .htaccess files you slow
the server severely.

-- 
Nick Kew

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message