set auth type to cookies


> -----Original Message-----
> From: Mark Benson [mailto:[EMAIL PROTECTED]
> Sent: 22 December 2004 10:55
> Subject: [PHP-DB] Re: HTTP Auth for PHPMyAdmin
> Martin Norland wrote:
> >What do you mean proper HTTP authorization for PHPMyAdmin - do you want
> >it to log you in automatically, or do you want to use .htaccess to
> >protect your PHPMyAdmin scripts?
> >
> >By your statement of config file, and talking about PHPMyAdmin - I'm
> >assuming that you've configured it to automatically log you in - in
> >which case I would suggest you verify you can login with the same exact
> >paramters on its normal login, as well as confirming that the parameters
> >are indeed set when it attempts to check them.
> Sorry I was being chased out of the building at the end of the 
> day when I was writing that e-mail :)
> What I meant was I want to setup phpMyAdmin so that a login is 
> required when you access the pages (i.e. you must enter a u/n and 
> pwd in a dialog).
> Currently my is set so that the 
> '$cfg['Servers'][$i]['auth_type']     = 'config'; and I supply 
> the MySQL user and pwd in the and it connects 
> automatically. This is not ideal as I'd like to prevent others 
> accessing it, for security and integrity reasons.
> If I set the value to 
> '$cfg['Servers'][$i]['auth_type']     = 'http';' then it will 
> show a login dialog on connection but any u/n and pwd I try 
> (based on the MySQL grant tables) is rejected.
> What I need to know is what is the best way to limit access to 
> the pages, do I ignore the and setup some other 
> system or can i use the grant tables from my MySQL server?
> Ideally I would want to log into the MySQL server as either my 
> normal 'dbadmin' user OR 'root' as only 'root' has alteration 
> rights on the grant tables so stuff that is outside the auspices 
> of normal admin is easier to carry out (i.e. doesn't involve me 
> hacking the all the time).
> -- 
> Mark Benson
> -- 
> PHP Database Mailing List (
> To unsubscribe, visit:

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to