HTTP Authentication

Anon

Hi,
I've tried to send username and password (to avoid the popping window) with the PHP-header like this:

header("Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==");

Just like described on http://www.ietf.org/rfc/rfc2617.txt (page 5).

Apache doesn't accept my data!

Is there anybody out there with an idea?

Thanks a lot,

Toni

Anon

You're going in the wrong direction. That's a header that a user agent (i.e. web browser) would throw at the web server from the other side of the fence.

You can send the username and password like this:

http://uername:password@server.domain.com

but that will likely show their username and password.

To make it work, you can make a main login page that does a "header ("location: http://server.domain.com/index.html");

So their username and password disappear after the blind login.