PHP with Apache authentication

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

Post Reply
farhan
Forum Newbie
Posts: 5
Joined: Thu Feb 02, 2006 1:14 am

PHP with Apache authentication

Post by farhan »

Hi Guys,

I need little bit help. I have webportal in php. User normally logins under this portal through Php+Mysql

authentication module. There is a link inside this webserver1 which points to other websitewhich has simple a

apache authentication module. I want when user click webserver2 from webserver1 php should take session user

name and password and open webserver2 without prompting user name and password? I can create same user

name and password on both

webservers. Is it doable ?
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

Since cookies cannot be shared between domains your script will have to pass the sessionID in the URL (you will have to explicitly pass this to a script that will assign the id to the user's session), you'd then have to have webserver 2 read the session data off webserver 1. Is this what you meant by "session" or did you mean http authentication? Does your PHP script maintain any other session data besides login and password?
farhan
Forum Newbie
Posts: 5
Joined: Thu Feb 02, 2006 1:14 am

Post by farhan »

hi jspro2,

Thanks for prompt reply. My main concern is "http authentication". I want when user login on webserver1 they dont need to give same user name

and password for webserver2. In php is there any method or function when user click webserver2 it gets session user name and password from

webserver1 and use this user name and password for webserver2 authentication.
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

You will have to send server 2 some credentials in the link so it knows who the user really is
farhan
Forum Newbie
Posts: 5
Joined: Thu Feb 02, 2006 1:14 am

Post by farhan »

Would you like be kind enough to describe how can i do that?

Farhan
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

If you have a database of users you can check against on both machines, just send the username and password as a hash through the get string


Code: Select all

http://server1.example/page.php?user=<?php echo $user; ?>&pass=<?php echo sha1($pass) ?>
.


Then grab that data through $_GET on the other server
farhan
Forum Newbie
Posts: 5
Joined: Thu Feb 02, 2006 1:14 am

Post by farhan »

Hi jshpro2,

I have url like http://server1/index.php which is .htpasswrd protected.

And i have user admin and password 789 for this

I tried to open this link according to your method but could not

http://server1/index.php?user=admin&pass=789

Am I doing right?
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

you will need a script that checks the get data and then sets the user as logged in, simply sending the credentials alone will not do it.
farhan
Forum Newbie
Posts: 5
Joined: Thu Feb 02, 2006 1:14 am

Post by farhan »

Thanks for that. Basically I am a Sys admin not a programmer . Could you help me to give this script if you have or

just give some direction.

Heaps of thanks
Post Reply