align-toparrow-leftarrow-rightbackbellblockcalendarcamerachatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-crosscrosseditfacebookglobegoogleimagesinstagramlocation-pinmagnifying-glassmailmoremuplabelShape 3 + Rectangle 1outlookpersonplusImported LayersImported LayersImported Layersshieldstartwitteryahoo

.htaccess

From: user 4.
Sent on: Saturday, January 31, 2009 2:11 AM

Does anyone know why there is an authname for basic authentication in .htaccess?

The browsers authorization header only has Basic and password according the phpinfo().

.htaccess only seems for recognize environment variables defined in the http header like keep-alive or authorization or http/1.0.

The basic http modules only check user and password.

You can be logged into blah.php you can access blah2.php which is in a different authname if the rest of the authentication is the same.

Authname is in the userfile for digest, but I’m not getting the relevance of authname in basic authentication.

Where is it used?  Why isn’t it used?  Is it used?

If it was used my life would be 100% better.

If they used it I could do the following

<FilesMatch ".*[^(login.php|logout.php)]">

   SetEnvIf Authorization (A Site) logged_in=1

   Order Allow,Deny

   Allow from env=logged_in

</FilesMatch>

<Files login.php>

   AuthType Basic

   AuthName "A Site"

   require group thegroup

</Files>

<Files test.php>

   AuthType Basic

   AuthName "Logout"

   require group logout

</Files>

I could do this with digest, but the users wouldn’t be stored in the database.  Why don’t they include the authname in the headers?

Does anyone know in a basic authentication a way I could accomplish the same general thing I’m trying to do in the FilesMatch directive?

Michele

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy