addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscontroller-playcrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgooglegroupshelp-with-circleimageimagesinstagramFill 1light-bulblinklocation-pinm-swarmSearchmailmessagesminusmoremuplabelShape 3 + Rectangle 1ShapeoutlookpersonJoin Group on CardStartprice-ribbonprintShapeShapeShapeShapeImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruserwarningyahoo

RE: [linux-392] .htaccess

From: user 4.
Sent on: Saturday, January 31, 2009 3:11 AM

Cool.  I can do this with cookies.  I hope!

   SetEnvIf Cookie (A Site) logged_in=1


From: [address removed] [mailto:[address removed]] On Behalf Of Michele
Sent: Saturday, January 31, 2009 2:11 AM
To: [address removed]
Subject: [linux-392] .htaccess

 

Does anyone know why there is an authname for basic authentication in .htaccess?

The browsers authorization header only has Basic and password according the phpinfo().

.htaccess only seems for recognize environment variables defined in the http header like keep-alive or authorization or http/1.0.

The basic http modules only check user and password.

You can be logged into blah.php you can access blah2.php which is in a different authname if the rest of the authentication is the same.

Authname is in the userfile for digest, but I’m not getting the relevance of authname in basic authentication.

Where is it used?  Why isn’t it used?  Is it used?

If it was used my life would be 100% better.

If they used it I could do the following

<FilesMatch ".*[^(login.php|logout.php)]">

   SetEnvIf Authorization (A Site) logged_in=1

   Order Allow,Deny

   Allow from env=logged_in

</FilesMatch>

<Files login.php>

   AuthType Basic

   AuthName "A Site"

   require group thegroup

</Files>

<Files test.php>

   AuthType Basic

   AuthName "Logout"

   require group logout

</Files>

I could do this with digest, but the users wouldn’t be stored in the database.  Why don’t they include the authname in the headers?

Does anyone know in a basic authentication a way I could accomplish the same general thing I’m trying to do in the FilesMatch directive?

Michele





--
Please Note: If you hit "REPLY", your message will be sent to everyone on this mailing list ([address removed])
This message was sent by Michele ([address removed]) from The New York GNU/Linux Meetup Group.
To learn more about Michele, visit his/her member profile
To unsubscribe or to update your mailing list settings, click here

Meetup Support: [address removed]
632 Broadway, New York, NY 10012 USA

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy