如何在不显示弹出登录名的情况下进入Apache受密码保护的目录
[英]How to get in Apache password protected directories without showing popup login
问题描述
I read here how to get into an Apache password protected directroy via dircet link with the simple: 
我在这里阅读了如何通过dircet链接简单地进入受Apache密码保护的Directroy:
http://username:password@yoursite.com/protected_dir/
that works in FF/Chrome/Safari, and obviously not in IE7! 在FF / Chrome / Safari中有效,而在IE7中则明显无效! :) :)
Do you know how could i get into a psw protected directory creating maybe a login form and using GET/POST to get in? 您知道我如何进入受psw保护的目录,可能创建登录表单并使用GET / POST进入吗?
Do I need to set a session before getting in or I can simply pass to the protected directory the user and password as GET/POST parameters? 我是否需要在进入之前设置会话,还是可以将用户名和密码作为GET / POST参数简单地传递到受保护的目录? (In this last case what name for parameters do I have to use?) (在最后一种情况下,我必须使用什么名称的参数?)
Thanks! 谢谢!
1 个解决方案
解决方案1
5 已采纳 2010-06-18 18:00:25
What you're referring to is HTTP authentication, and is not handled with URL parameters or POST data. 您所指的是HTTP身份验证,不会通过URL参数或POST数据进行处理。
A HTTP client must handle it directly. HTTP客户端必须直接处理它。
Now, if you have no control over the password protected directory, there's nothing you can do. 现在,如果您无法控制受密码保护的目录,那么您无能为力。
If, however, you do have control and want to provide an HTML login form, you must change the method of authentication and, instead of relying on HTTP authentication, do it via URL parameters or POST data. 但是,如果您确实有控制权并想提供HTML登录表单,则必须更改身份验证方法,并且不依赖HTTP身份验证,而是通过URL参数或POST数据进行身份验证。 You can do that not using a different authentication type module for a Apache (necessarily a third-party one, because Apache only supports HTTP Basic and Digest authentication), or, more realistically, doing the authentication with PHP and managing a session. 您可以做到这一点,而不是对Apache使用不同的身份验证类型模块(由于Apache仅支持HTTP Basic和Digest身份验证,因此不必使用第三方模块),或者更实际地,使用PHP进行身份验证并管理会话。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.