Apache username and password

[fergmj]

I am using apache's htaccess (basic authentication) to protect a perl script.

I would like for the perl script to have access to the username and password that the user types in when they get the apache pop-up box. Is there a way that I can get the username and password so my script canuse them?

Thanks

 

[AHinMaine]

You can get the user with:

$username=$ENV{'REMOTE_USER'};

But I don't believe the password can be obtained. --
Andy

http://www.nachoz.com

 

[tanderso]

Use your own authentication with a text box for the username and a password text box for the password.
Sincerely,

Tom Anderson
CEO, Order amid Chaos, Inc.

http://www.oac-design.com

 

[fergmj]

Tom -

How would I do my own?

Thanks

Mindy

 

[tanderso]

Keep a file with a list of usernames and passwords, perhaps encrypted with something like the crypt() function, preferably outside of your web directory tree. Then compare the entered username/password with the list and give access if it matches. To pass authentication from page to page, generate a session ID which expires after a period of time.
Sincerely,

Tom Anderson
CEO, Order amid Chaos, Inc.

http://www.oac-design.com

 

[tarn]

I guess that you realise that http:// usernameassword @

http://www .yourdomain

.com/ will let you in direct ?

So I guess that you could have your own login page (perl script) that takes the resulting uname/pass, then does a redirect like the above url (then rewrite the url again to hide the uname/pass. as the browser will cache the credentials for that secession and sustain your access)? .... Ok a bit long winded but its a start!

L.

 

[PaulTEG]

To fergmj,

Use a textarea for both the username & password fields, and also set the type of the password field to password.

The reason for this is MS helpful?? autocomplete functional;ity doesn't apply to textareas, but does to textboxes

HTH
;P