FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Digest Authentication
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Digest Authentication [message #179866 is a reply to message #179865] Fri, 14 December 2012 03:15 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 12/13/2012 7:49 PM, dhtmlkitchen(at)gmail(dot)com wrote:
> Hi,
>
> I am trying to implement a password protected area of a site. I have never done this before.
>
> HTTP digest authentication seemed suitable for our low-level security requirements.
>
> Here is our PHP 5.3.6 configuration:
> http://thai-massage.com/phpinfo.php
>
> Here is the script I am using, from PHP.net:
> http://php.net/manual/en/features.http-auth.php#example-349
>
> The script is running here:
> http://thai-massage.com/dollar-school/PHP-PayPal-IPN-master/example/auth.ph p
>
> The login credentials are hard coded for sake of example. Eventually I want to get the password from a MySQL database.
>
> Results:
> * Cancel: "Text to send if user hits Cancel button"
> * Correct Login (guest/guest): Displays login prompt again
> * Incorrect Login (a/s): Displays login prompt again
>
> Expected results:
> * Cancel: "Text to send if user hits Cancel button"
> * Correct login (guest/guest): 'You are logged in as: guest"
> * Incorrect login: "Wrong Credentials!"
>
> Cancel is doing what I expect, but the login does not.
>
> What am I doing wrong? How can I get the result I want?
>
>

Do you have your web server configuration set up correctly?

HTTP authentication is handled by the web server. PHP only gets control
after the user has passed the web server's authentication.

It looks like you never set your web server up to handle the
authentication, so it never passes - and the server just keeps resending
the request.

Now if the user presses cancel, the web server will fail the
authentication request and pass the request on to your scripts (usually
an "authentication failed" page.



--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Using echo to run separate PHP script from HTML
Next Topic: simple dating site
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 00:37:01 GMT 2024

Total time taken to generate the page: 0.04138 seconds