chicken or egg question here...
assuming the directory requires authentication a la .htaccess or httpd.conf
allow/deny
does this methos encapsulate the authentication in the SSL or does this only
eget applied after authenticating and reading the file to get the header
portion.
Example, current
I have done something like this.
For the site I am working on, the user must log on. At the logon screen I
check
if(getenv(HTTPS)!=on)
{
header (Location: https://logon_screen;);
}
every page has an include that checks $HTTPS as part of the sessions and
validation. If https!=on then it kicks
2 matches
Mail list logo