Htaccess login page


#1

Is it possible to have the htaccess login prompt on a web page rather than as the standard pop-up window. If so, how can I do this.


#2

You can indeed. I’ve seen various JavaScript-based solutions online. Here’s the first that Google could find: http://javascript.internet.com/navigation/htaccess-login.html


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)


#3

Thanks, but i’m looking for something a little bit more secure. The javascript solutions push the inputted userid and password directly into the URL in the browser. The userid and password are then stored in cache and history of the browser and isn’t very secure. I was hoping there was some other method that was more secure.


#4

Since the authentication process is a function of the browser (which is why only JavaScript can play with it), your best bet is to ditch the .htaccess approach and build a proper secure login system in PHP or something.


Simon’s website
Save $100 on 1-year plans with promo code [color=#CC0000]SCJESSEY100[/color] (details)


#5

I’m not familiar with htaccess.

But i’m familiar with PHP. Do you wanna try with PHP aunthentication function?

Save [color=#CC0000]$97[/color] (max discount) on dreamhost plans by using promo code: [color=#CC0000]97CRAZY[/color].


#6

Hi blkmustng,

Were you able to find a workaround? The javascript will not work since Microsoft have disable username:password@url.com

jk


#7

just get to know htaccess. you may want to refer wiki http://wiki.dreamhost.com/index.php/Htaccess#Authentication_examples htaccess is very useful

Save [color=#CC0000]$97[/color] (max discount) on dreamhost plans by using promo code: [color=#CC0000]97CRAZY[/color].


#8

the htaccess documentation won’t help me. I am authenicating users by group using mysql. I’m trying to pass credentials to the htaccess file from another server in .Net. Have not been able to done so, I keep getting 401 unauthorized error.


#9

If I understand you correctly, you want users to log in to access the pages.

you can either create a log in page, or use PHP authentication function. Both needs the connection to mysql database.

Save [color=#CC0000]$97[/color] (max discount) on dreamhost plans by using promo code: [color=#CC0000]97CRAZY[/color].


#10

Or you can use Sqlite, or flat-files, or some other storage method…you do not have to use MySQL.

–rlparker


#11

My application already uses mySql to authenicate users and it works fine.

My question is, I don’t want the authenication pop up window. I have two applications on seperate server, one unix and one windows. I am building an application written in .Net that will link to the java app that is protected by htaccess/mysql. I don’t want the user to see the authentication window, so I have to secretly (in .net) to pass the user’s credentials to htaccess and let htaccess do its authenication in the background. How do I or can I pass the credentials to htaccess from another server?

If I build a html form, then where does the form values go, since microsoft won’t allow username:password@url.com anymore?


#12

I have no idea how to do what you propose. Other than the “deprecated” method of passing the credentials to an Apache authentication protected page via the url (which, even if it would work would be horribly insecure) I know of no way to avoid the authentication dialog box when attempting to access that kind of a protected page.

I would consider abandoning the whole apache authentication process, and write my own authentication routine if I were attempting to do what you describe.

–rlparker