?
Solved

HTTP authentication

Posted on 2001-06-18
9
Medium Priority
?
219 Views
Last Modified: 2006-11-17
Hi, I am trying to collect login name and password from the client and pipe them to authenticate via HTTP authentication(.htaccess). But instead of having a small login window pop up, I would like to use text boxes. I tried the following code but the window still pops up and asks for login/password. Is there any other way to achieve my goal?

<?
  header("location:$login:$pswd@myhost.com/members/index.htm");
?>

Here, $login and $paswd are passed by HTTP POST method and as you might have guessed, /members directory is protected by .htpasswd. Any help/suggestion would be appreciated.
0
Comment
Question by:as66422
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 15

Expert Comment

by:a.marsh
ID: 6201614
I believe it's not possible - that's just the way HTTP Authentication works - but I'd love to be proven wrong. :o)

Ant
0
 
LVL 8

Expert Comment

by:us111
ID: 6201678
header("location:$login:$pswd@myhost.com/members/index.htm");  won't work

hmm not possible or ,maybe with the fsockopen function, it should work
0
 
LVL 8

Accepted Solution

by:
us111 earned 400 total points
ID: 6201703
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 8

Expert Comment

by:us111
ID: 6201722
0
 
LVL 2

Expert Comment

by:higijj
ID: 6203027
wouhou!

The best way to learn stuff like that.. is to intercep all packets send from/to your couputer.. with a sniffer ;-)

that way, you'll see how it works.. and you can simulate the same thing with socket programming!

0
 
LVL 8

Expert Comment

by:us111
ID: 6203046
heavy and huge solution, higijj :)))
the sample at
http://www.phpbuilder.com/mail/php-general/2000091/1829.php  works very well without sniffing :))
0
 
LVL 2

Expert Comment

by:higijj
ID: 6203121
I know!

but I meant for any kind of situation like this..
;-)

0
 

Author Comment

by:as66422
ID: 6203406
Thanks a million us111 you just made my day!!!
0
 

Author Comment

by:as66422
ID: 6203407
Thanks a million us111 you just made my day!!!
0

Featured Post

Tutorial: Introduction to Managing a Linux Server

In this tutorial on systemd, we will explore:
-OS/Distro Adoption
-chkconfig and Other Legacy Commands
-Summary and Key Commands

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question