I believe that can be done, but I can't for the life of me remember how offhand.
hotscripts.com or a google search could help more on that, however...
Concerning authentication, wouldn't it be easier to simply store username and passwords, probably md5() passwords in a database table and then use a form to authenticate users?
Its pretty secure and every site I've ever worked on has used this system, especially if you use $_POST[''] type variables and\or an include to prevent "dodgy" variables being passed throug the header.
Switching off register_globals is good, imho, as it makes you use all the superglobals ($SERVER, $POST, $_GET etc...) which makes the site more secure, again, thats just my opinion though 😃
