Authentication
Posted: Tue Aug 06, 2002 2:17 am
Hi.
I have a kind of weird problem. I have a portal page with a community login. The information that the user is authenticated is stored in my PHP-session. Works all fine if I stay on my portal.
Now I have some content that is outside from my scripts (like phpMyAdmin), so I can not test for my session-parameter in that content. But I want that content only delivered to the authenticated users.
I restrict access with a .htacces file, so the user has to authenticate again in the passwd-popup. Is there some way to pass my authentication information to the HTTP-authentication?
I had the following ideas (which all seem useless):
- Check authentication, if ok, do a redirect to http://user:pass@mydomain/phpmyadmin/index.php3. Useless, because you can see the passwd in the URL-field of the browser.
- Send the Authenticate Header in the Request. But how could I do that?
Mybe there is a solution outside PHP? My PHP version is something > 4.1 (don't know correctly), Apache 1.3.26.
I hope I described my problem clear enough, TIA,
dazer
I have a kind of weird problem. I have a portal page with a community login. The information that the user is authenticated is stored in my PHP-session. Works all fine if I stay on my portal.
Now I have some content that is outside from my scripts (like phpMyAdmin), so I can not test for my session-parameter in that content. But I want that content only delivered to the authenticated users.
I restrict access with a .htacces file, so the user has to authenticate again in the passwd-popup. Is there some way to pass my authentication information to the HTTP-authentication?
I had the following ideas (which all seem useless):
- Check authentication, if ok, do a redirect to http://user:pass@mydomain/phpmyadmin/index.php3. Useless, because you can see the passwd in the URL-field of the browser.
- Send the Authenticate Header in the Request. But how could I do that?
Mybe there is a solution outside PHP? My PHP version is something > 4.1 (don't know correctly), Apache 1.3.26.
I hope I described my problem clear enough, TIA,
dazer