堆栈内存溢出
  简体   繁体   English

使用php或javascript将用户登录到受Apache基本身份验证保护的目录(htaccess / htpasswd)

[英]Using php or javascript to log a user into a directory protected with Apache Basic Authentication (htaccess/htpasswd)

 原文  2011-03-29 00:14:05       php/ javascript/ authentication/ basic-authentication

问题描述

Is it possible to use PHP or Javascript to login to a directory protected with Apache Basic Authentication? 是否可以使用PHP或Javascript登录受Apache基本身份验证保护的目录?

A simple example: 一个简单的例子:

  • I have a directory called 'protected' (ie. http://myurl/protected ) that uses apache basic authentication 我有一个名为'protected'的目录(即http:// myurl / protected ),它使用apache基本身份验证
  • I have a form located at http://myurl/login.php with a username and password field 我有一个位于http://myurl/login.php的表单,其中包含用户名和密码字段
  • When a user enters their username/password into login.php and hits submit, either php or javascript automatically logs the user into the protected area and redirects them. 当用户在login.php中输入用户名/密码并点击提交时,php或javascript会自动将用户登录到受保护区域并重定向。
  • When the user is redirected, they do not have to re-enter their username/password information, and they have full access to the information in the protected directory. 当用户被重定向时,他们不必重新输入他们的用户名/密码信息,并且他们可以完全访问受保护目录中的信息。

Is this possible? 这可能吗? If so, how can I achieve this? 如果是这样,我怎么能做到这一点?

Update: Do to my client's implementation requirements, I can not use a php based authentication system. 更新:对我的客户端的实现要求,我不能使用基于PHP的身份验证系统。 It needs to be apache authentication. 它需要是apache身份验证。

2 个解决方案

解决方案1
 1 已采纳  2011-03-29 01:02:40

It is possible to use 可以使用 

header("Location: http://$username:$password@myurl.com/protected");

Although, I would advise against it, and use a php based authentication mentioned above without the Apache basic authentication. 虽然,我会建议反对它,并使用上面提到的基于PHP的身份验证,而不使用Apache基本身份验证。

解决方案2
 0  2011-03-29 00:25:24

My understanding about the basic authentication with apache is that it is, by definition, basic. 我对apache基本身份验证的理解是,根据定义,它是基本的。 If you are willing to work with php and mysql, you can build a simple login system that would suit your needs. 如果您愿意使用php和mysql,您可以构建一个适合您需求的简单登录系统。 Just check a username and password against its counterparts in a mysql database (of course hash the password with md5, or sha256), and if it is correct, set a session variable saying so. 只需检查mysql数据库中对应的用户名和密码(当然使用md5或sha256哈希密码),如果正确,请设置一个会话变量。 Check that variable on each page that needs authentication, and redirect if it isn't set/set to false. 检查每个需要身份验证的页面上的变量,如果未设置/设置为false,则重定向。

Here is a good example: http://progtuts.info/92/login-system/ 这是一个很好的例子: http//progtuts.info/92/login-system/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用.htaccess和.htpasswd保护目录 - Protecting a directory using .htaccess and .htpasswd PHP:调用受基本身份验证保护的API - PHP: calling an API protected using basic authentication 使用 Altorouter 和 .htpasswd 基本身份验证 - Using Altorouter along with .htpasswd basic authentication 使用htpasswd身份验证时,htaccess重定向失败 - htaccess redirect failed when using htpasswd authentication 使用盐的.htpasswd密码进行apache身份验证 - apache authentication with .htpasswd password using salt HTTP基本身份验证:如何使用php / jQuery登录到保护区? - HTTP Basic Authentication: How to login to protected area using php / jQuery? ActionScript - 使用 PHP 从受密码保护的目录 (.htaccess) 加载资产? - ActionScript - Loading Assets From Password Protected Directory (.htaccess) Using PHP? 使用php的基本身份验证(如apache的.htaccess),如何? - Basic auth (like apache's .htaccess) using php, how? 在 PHP 中验证/绕过 .htaccess .htpasswd - authenticate / bypass .htaccess .htpasswd in PHP 在PHP / HTML中使用.htaccess和.htpasswd保护子文件夹 - Protecting Sub folder using .htaccess and .htpasswd in PHP/Html
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM