I'm trying to do a similar thing, although I'm running PHP as an Apache 
module. There's a directory I want to protect, containing PDf files, access 
to which will be constrained by .htaccess.

Our users have already logged in through a custom login script. I could 
modify this script so that when the users are authenticated, I can assign a 
username/password combination which would be acceptable to .htpasswd.

Alternately I could add mod_auth_mysql and use it to authenticate.

In either case, a user name and password have to be passed to Apache. Is 
this done by assignment to $PHP_AUTH_USER  and $PHP_AUTH_PW?

If so would mod_auth_mysql pick those up automatically, thus the popup 
wouldn't appear?

My other alternative is to move the PDF's outside the web tree and deliver 
them using the header() function. Although it's been tested and works, many 
subscribers have IE 5.5 and work in an environment where the company 
directs what browser will be used.

This has become a sticky issue, and all suggestions will be welcome. 
(Including that I RTFM, if I've missed a particular section.)

Regards - Miles Thompson

At 11:35 AM 1/14/2002 -0800, [EMAIL PROTECTED] wrote:
>Apparently i have been unclear, allow me to rephrase:
>I want to send user:pass to an apache authentication header for a apache
>protected user directory.  Unfortunately, I have php installed as CGI so
>native php authentication will not function.  I would like
>to either send the user:pass via GET in a url encoded sting (if possible
>as CGI) OR send user:pass
>directly to the header using a different method. Due to restrictions
>imposed on me, i am not able
>to make use of a single unified logon using LDAP or NTLM. In my case,
>since there are several user
>directories spanning severl realms, I must first authenticate users
>against a mysql auth db and fetch
>the the realm user:pass based on that users permissions.
>Is it possible to send the user:pass in any of the methods described
>above? If so, how can i implement
>Aaron Lake
>Kvaerner Chemetics
>A Division of Kvaerner Canada Inc
>(604) 730 4206
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to