[nycphp-talk] NEW PHundamentals Question - HTTP Authentication
Hans Zaunere
hans at nyphp.com
Fri Nov 5 21:31:28 EST 2004
> I just discovered a really great reason to use PHP's built-in support
> for HTTP authentication.
>
> At work, we have a PHPWiki set up for some of the developers. It's
> completely private, you have to log in to view anything. It also has
> an RSS feed that you can use to track recently edited pages.
>
> If PHPWiki used HTTP authentication, then team members could use a
> Newsreader to keep an eye on recent edits, because they could embed
> the login information in the URL:
>
>
http://username:password@intranet/wiki/index.php/RecentChanges?format=rs
s
>
> But since PHPWiki authenticates via an HTML form, there's nothing they
> can do. So I guess I won't call this a silly feature anymore.
That's an excellent point, and probably something no one thinks about
when considering HTTP Auth.
That said, however, I think the perfect solution would be to convert the
HTTP auth into a form auto mechanism. I haven't looked at the headers a
URL like the above generates, but I'm sure it possible to redirect that
into a non HTTP auth form post?
---
Hans Zaunere
President, Founder
New York PHP
http://www.nyphp.org
More information about the talk
mailing list