473,395 Members | 1,689 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > authentication?

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Authentication?

Hello,

Is this kind of code much used for authentication?
...
if (!isset($_SERVER["PHP_AUTH_USER"])) {
header('WWW-Authenticate: Basic realm="Log in"');
header("HTTP/1.0 401 Unauthorized");
....

I have tried to play with it and downloaded a lot of codeexamples. I find
it hard
to control when I am logged in and when I am logged out. I can log out and
it seems
like it also, but when I do a refresh on my page am am logged in again.

Maybe I have missed something and that is why I dont get it to work
properly.
But would it be better to create my own form for logging in and have more
control? I guess
I would have control doing that.
- Terje

--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
Jul 17 '05 #1
3 1599
In article <op**************@news.Individual.net>,
teho <te******@broadpark.no> wrote:
Hello,

Is this kind of code much used for authentication?
...
if (!isset($_SERVER["PHP_AUTH_USER"])) {
header('WWW-Authenticate: Basic realm="Log in"');
header("HTTP/1.0 401 Unauthorized");
....

I have tried to play with it and downloaded a lot of codeexamples. I find
it hard
to control when I am logged in and when I am logged out. I can log out and
it seems
like it also, but when I do a refresh on my page am am logged in again.

Maybe I have missed something and that is why I dont get it to work
properly.


The problem with $_SERVER['PHP_AUTH_USER'] is that once it is set, it's
not possible to unset it, except by quitting the browser. I use it for
simple access control, only when logging out of the application is not
needed. If you need logging out, it's a better idea to create your own
session variables for managing authentication.

JP

--
Sorry, <de*****@cauce.org> is een "spam trap".
E-mail adres is <jpk"at"akamail.com>, waarbij "at" = @.
Jul 17 '05 #2
On Thu, 29 Apr 2004 16:46:43 +0200, Jan Pieter Kunst <de*****@cauce.org>
wrote:
In article <op**************@news.Individual.net>,
teho <te******@broadpark.no> wrote:
Hello,

Is this kind of code much used for authentication?
...
if (!isset($_SERVER["PHP_AUTH_USER"])) {
header('WWW-Authenticate: Basic realm="Log in"');
header("HTTP/1.0 401 Unauthorized");
....

I have tried to play with it and downloaded a lot of codeexamples. I
find
it hard
to control when I am logged in and when I am logged out. I can log out
and
it seems
like it also, but when I do a refresh on my page am am logged in again.

Maybe I have missed something and that is why I dont get it to work
properly.


The problem with $_SERVER['PHP_AUTH_USER'] is that once it is set, it's
not possible to unset it, except by quitting the browser. I use it for
simple access control, only when logging out of the application is not
needed. If you need logging out, it's a better idea to create your own
session variables for managing authentication.

JP


Thanks!

What you say here corresponds to what I am struggeling with, trying
to unset PHP_AUTH_USER.

Fine, I will write my own login then.

--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
Jul 17 '05 #3

"teho" <te******@broadpark.no> wrote in message
news:op**************@news.Individual.net...
Thanks!

What you say here corresponds to what I am struggeling with, trying
to unset PHP_AUTH_USER.

Fine, I will write my own login then.


Well, you could use PEAR:Auth and/or PEAR:LiveUser instead of rolling your
own.

Just a thought

Walter
http://web.torres.ws
Jul 17 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
HTTP - basic authentication example.
by: Michael Foord | last post by:
#!/usr/bin/python -u # 15-09-04 # v1.0.0 # auth_example.py # A simple script manually demonstrating basic authentication. # Copyright Michael Foord # Free to use, modify and relicense. #...
Python
8
Windows authentication
by: Bob Everland | last post by:
I have an application that is ISAPI and the only way to secure it is through NT permissions. I need to have a way to login to windows authentication so that when I get to the ISAPI application no...
ASP / Active Server Pages
6
Secure and Unsecure Web Directories using Forms Authentication
by: Billy Jacobs | last post by:
I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...
.NET Framework
9
Integrated Authentication.
by: Tom B | last post by:
In my web.config file I've specified Windows for the authentication, in IIS I've set it to Integrated Authentication. But my SQL connection is still showing Anonymous. Is there somewhere else I...
ASP.NET
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
4
Intranet and Integrated Windows Authentication
by: Andrew | last post by:
Hey all, I would like to preface my question by stating I am still learning ASP.net and while I am confident in the basics and foundation, the more advanced stuff is still a challenge. Ok....
ASP.NET
0
Web Service Authentication problem
by: Albertas | last post by:
What I'm doing wrong that I can't make my authentication to work. Here is the situation: I'm hosting a Web Service from a Windows forms application, using .NET Framework 3.0 WCF. And I want to...
.NET Framework
18
Sun Java System Directory Server Authentication
by: troywalker | last post by:
I am new to LDAP and Directory Services, and I have a project that requires me to authenticate users against a Sun Java System Directory Server in order to access the application. I have found...
C# / C Sharp
2
client authentication
by: Frank Swarbrick | last post by:
I am trying to understand "client authentication" works. My environment is DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4 as the client. We currently have DB2/LUW set...
DB2 Database
5
Forms Authentication vs MembershipProvider
by: Rory Becker | last post by:
Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!