[thelist] Apache security and PHP sessions
Alex Ezell
taranis at spittingllamas.com
Thu Nov 21 17:38:01 CST 2002
Howdy all,
I have an application that uses sessions to store the user info that it
needs to display the correct pages. Right now, the access to these pages is
handled with basic Apache <Directory> security directives. Is there any way
to capture the username that the user uses to authenticate with Apache and
store it in the PHP session?
What I want to avoid is the user authenticating with Apache and then having
to login or enter their username again if the session cookie has been
destroyed or never created.
I suppose the other option is to move authentication to the script/DB
instead of doing it with Apache. I could do that, but until I can write
that code, is there some way to make the above possible?
BTW, I won't be able to respond again until morning EST, so don't think I
am ignoring follow-ups or questions.
--
Alex Ezell
http://www.spittingllamas.com
"Formal Restrictions, contrary to what you might think, free you up by
allowing you to concentrate on purer ideas."
- Winter Sorbeck in Chip Kidd's The Cheese Monkeys
More information about the thelist
mailing list