|Sent on:||Saturday, January 31, 2009 2:11 AM|
Does anyone know why there is an authname for basic authentication in .htaccess?
The browsers authorization header only has Basic and password according the phpinfo().
.htaccess only seems for recognize environment variables defined in the http header like keep-alive or authorization or http/1.0.
The basic http modules only check user and password.
You can be logged into blah.php you can access blah2.php which is in a different authname if the rest of the authentication is the same.
Authname is in the userfile for digest, but I’m not getting the relevance of authname in basic authentication.
Where is it used? Why isn’t it used? Is it used?
If it was used my life would be 100% better.
If they used it I could do the following
SetEnvIf Authorization (A Site) logged_in=1
Allow from env=logged_in
AuthName "A Site"
require group thegroup
require group logout
I could do this with digest, but the users wouldn’t be stored in the database. Why don’t they include the authname in the headers?
Does anyone know in a basic authentication a way I could accomplish the same general thing I’m trying to do in the FilesMatch directive?