PDA

View Full Version : Password Protected Directories User Access



vbsouthern
01-30-2006, 04:41 PM
First, I know how to create and use .htaccess and .htpasswd files.

What I can't seem to find is a cgi or php script that can access .htaccess or .htpasswd.

I have search the web with search words like, (password protected directory cgi php) and I have found dozens of scripts that do not work.

It would be nice if a user could go to a webpage on my site and login using their username and password and then have access to the protected directory.

Every script I have used calls up this microsoft window

http://www.god-country-history.com/MS_Password_Window.jpg

and, at least to me, this is a very UGLY way to do things.

Another way I have tried to access the dir is to use a link with the username and password in the link like this,

http://www.sitename.com/webpage.htm:username&password
I have tried every syntax I could think of and none seem to work.

Example of .htaccess

AuthUserFile /to/the/dir/.htpasswd
AuthGroupFile /dev/null
AuthName "Protected Area"
AuthType Basic
<Limit GET PUT POST>
require valid-user
Example of .htpasswd

username:encryptedpassword
Any suggestions or ideas are welcome.

allyn
01-30-2006, 08:20 PM
try this: http://username:password@www.sitename.com/

basic authentication (.htaccess) and cgi/php are not compatible as far as i know. if you wanted to go the cgi/php route, you would probably have to use cgi/php to serve all of the files, like this:

http://www.sitename.com/cgi-bin/fileaccess?filename

vbsouthern
01-31-2006, 01:19 AM
I have tried:

http://myusername=username:mypassword=password@www.sitena me.com/
http://www.sitename.com/@username:password
http://username:password@www.sitename.com/
http://username=myusername:password=mypassword@www.sitena me.com/
http://www.sitename.com/?username&password
http://www.sitename.com/?username=myusername&password=mypassword
http://www.sitename.com/username:password
Everytime IE says Invalid Syntax Error

Any and all suggestions welcome.

torrin
01-31-2006, 12:59 PM
As vbsouthern has found out, Microsoft has disabled that functionality for security reasons. The seem to have some workarounds at the knowledge base article found at the link below.

http://support.microsoft.com/kb/834489

As for the ugly window, this is the standard way basic authentication works in every browser that I've used. If you want something different, you'll probably have to write an authentication system yourself. :(