On Thursday 19 July 2001 07:39, pmt_2k wrote:
> im trying to get ie to throw up a www-authenticate box for username /
> password input. im running windows 2000 advanced server and php 4.0
> the code im using (trying to anyway)
>
> <?php
> if (!isset($PHP_AUTH_USER))
>
> Header("WWW-Authenticate: Basic realm=\"Admin\"");
> Header("HTTP/1.0 401 Unauthorized");
If you are using the CGI version of PHP (which is the only production
strenght version for IIS) then sadly IIS 'beats you to it' on the
authentication front and does the authentication for you based on NTLanMan
file permissions.
The ISAPI version of PHP can be installed as an ISAPI filter to get in on the
act early enough to get at the authentication headers, but is unlikely to be
stable enough for production use.
Depending on your requirements, your options are:
Allow IIS to do authenticaton based on file permissions. The up side is that
it's dead easy. The downside is that all your users have to be real users on
the system with 'log on locally' rights.
Use Apache instead.
Cheers
--
Phil Driscoll
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
