Re: [users@httpd] HTTP auth and custom login pages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Monday 30 January 2006 23:37, Andy Moran wrote:
> We have a bunch of folders protected by  htaccess valid-user directives,
> but management has decided that they want a nice login page rather than
> the browser prompting for a username and password.
>
> Is it possible to create a form page that then sends the auth
> information to apache via POST or some such?     I'd hate to have to
> come up with an entirely new authentication scheme.  .htaccess files are
> so damn convenient.

Yes, but ...

You can use other means of authentication - cookies are easiest,
but will of course fail on users with high privacy/security settings.
URL Session variables are another option.

But you won't get security that way.  How much does that matter?
(OTOH, if what you use now is basic authentication, it won't be
much difference).

But why .htaccess?  As soon as you enable .htaccess files you slow
the server severely.

-- 
Nick Kew

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux