set auth type to cookies Peter > -----Original Message----- > From: Mark Benson [mailto:markbenson@xxxxxxx] > Sent: 22 December 2004 10:55 > To: php-db@xxxxxxxxxxxxx > Subject: Re: HTTP Auth for PHPMyAdmin > > > Martin Norland wrote: > > >What do you mean proper HTTP authorization for PHPMyAdmin - do you want > >it to log you in automatically, or do you want to use .htaccess to > >protect your PHPMyAdmin scripts? > > > >By your statement of config file, and talking about PHPMyAdmin - I'm > >assuming that you've configured it to automatically log you in - in > >which case I would suggest you verify you can login with the same exact > >paramters on its normal login, as well as confirming that the parameters > >are indeed set when it attempts to check them. > > Sorry I was being chased out of the building at the end of the > day when I was writing that e-mail :) > > What I meant was I want to setup phpMyAdmin so that a login is > required when you access the pages (i.e. you must enter a u/n and > pwd in a dialog). > Currently my config.inc.php is set so that the > '$cfg['Servers'][$i]['auth_type'] = 'config'; and I supply > the MySQL user and pwd in the config.inc.php and it connects > automatically. This is not ideal as I'd like to prevent others > accessing it, for security and integrity reasons. > > If I set the config.inc.php value to > '$cfg['Servers'][$i]['auth_type'] = 'http';' then it will > show a login dialog on connection but any u/n and pwd I try > (based on the MySQL grant tables) is rejected. > > What I need to know is what is the best way to limit access to > the pages, do I ignore the config.inc.php and setup some other > system or can i use the grant tables from my MySQL server? > > Ideally I would want to log into the MySQL server as either my > normal 'dbadmin' user OR 'root' as only 'root' has alteration > rights on the grant tables so stuff that is outside the auspices > of normal admin is easier to carry out (i.e. doesn't involve me > hacking the config.inc.php all the time). > > -- > Mark Benson > > http://homepage.mac.com/markbenson > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
