If you go to a site that has a password protected directory and you access a
file in that directory, you have to enter your user name and password. After
you have entered your user name and password, as long as you keep the
browser window open you can navigate to any other file that is in the
password protected directory. I can only assume that some sort of session
has been started that allows you to do this with out having to keep
re-authenticating. What I need to be able to do is start this session and
authenticate the user with out actually having them log in via the pop up
window. I would think that there should be some way of doing this. I thought
of writing a include statement that looked something like this.
Include(http://username:[EMAIL PROTECTED]/members/); which I believe
would work but it seems like kind of a ugly way of doing it. If it is a
session that is keeping track of authenticated users, is there some way of
initiating via a script? I hope this makes it a little more clear as to what
I am trying to accomplish. Thanks in advance for any help. 


-----Original Message-----
From: Miguel Cruz [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 23, 2002 1:18 PM
To: Morten Ronseth
Subject: Re: [PHP] authentication 

On Tue, 23 Apr 2002, Morten Ronseth wrote:
> Anybody know how to revoke the HTTP authentication, i.e. log people out,
> using PHP?

With most browsers, you can send HTTP status 401 and re-send your realm in 
the WWW-Authenticate header. The browser will assume its cached 
credentials have become invalid and toss them, asking the user once again 
to log in.

It's still a little awkward, and is one more reason why using 
session/cookie-based auth is much friendlier.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to