If you created www.foo.com/secure that was password-protected, the password/username gets passed back and forth for each page underneath it (http://httpd.apache.org/docs/howto/auth.html#basiccaveat) The referenced page mentions this as a caveat for basic auth, but probably is true no matter what kind of authentication you use.
>From there, it shows up as a variable to the CGI/PHP scripts that can pull it out if it knows where to look. It would require hacking of each application, but I think it can be done. If you go this route, SSL all the way. But you probably knew that. -Mark On Wed, 2002-04-10 at 11:10, Kenneth E. Lussier wrote: > Hi All, > > Along the lines of the webmail comments made earlier, I was wondering > something. I am looking to impliment several web-based applications in > my company: Groupware, project management, file management, password > management, leads tracking, etc. I have found several (thousand) > applications that meet our needs from sourceforge, freshmeat, et al. > However, they all suffer from one problem: They all require > authentication. This means users would have to log into each individual > application seperately. What I would like to do is have a single login > page that then passes the users authentication to each application. Has > anyone out there done this sort of thing? If so, is it a fairly easy > thing to do, or am I in for a world of pain? To keep things as simple as > possible, everything that I end up using will be in PHP. Any advice is > more than welcome, since I am not a Web developer!! > > TIA, > Kenny > -- > ---------------------------------------------------------------------------- > "Tact is just *not* saying true stuff" -- Cordelia Chase > > Kenneth E. Lussier > Sr. Systems Administrator > Zuken, USA > PGP KeyID CB254DD0 > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCB254DD0 > > > > ***************************************************************** > To unsubscribe from this list, send mail to [EMAIL PROTECTED] > with the text 'unsubscribe gnhlug' in the message body. > ***************************************************************** ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
