[TriLUG] htaccess

[Joseph Tate]

I love it when I can catch Aaron with something.  When connecting to a
password protected area, the server returns a 401 Unauthorized, which
is what causes the browser to pop up the username/password dialog.  If
after X attempts it fails (I believe that's set on the web server), it
will return a 403.  If you're doing this in PHP and send a 403, the
browser will simply show the 403 error page.  You'll need to modify
the response code to send a 401 in order to pop up that
username/password dialog.  In my previous employment incarnation, I
helped developed a system whereby you could authenticate either via
basic auth type mechanisms, or through a web form.  All authentication
was against the DB backend.


On Thu, 24 Mar 2005 18:48:28 -0500, Aaron S. Joyner <aaron at joyner.ws> wrote:
> clear the cache.  Any time *before* that cache is cleared, if you
> request a page that returns a 403 with the same "Realm" from above(1),
> the browser will attempt to supply the credentials it has cached for
> that realm.  You can use this fact to pre-cache the authentication

-- 
Joseph Tate
Personal e-mail: jtate AT dragonstrider DOT com
Web: http://www.dragonstrider.com