alexander.elg...@t-systems.com wrote:
Hello,
I am looking for a way to retrieve the AUTH password, without using mod_rewrite
...
I'd be interested in how you would do it, using mod_rewrite.
For my personal education..
my $cgi = new CGI;
$cgi->remote_user; # this is the user
$cgi->remote_password???; # but where is the password?
Nowhere. Why would it be ? if remote_user() responds with something defined, then it
means the user is authenticated - by whatever method has been configutred to do so - and
your script can trust that id. So why would it need to know the user's password ?
The mere fact that you /could/ obtain the user's password is going to give sleepless
nights to any corporate network administrator. Most reasonable web authentication methods
are designed so that the user's password is never even transmitted over the wire.
In PHP, this is $_SERVER['PHP_AUTH_PW'].
Possibly. But that supposes that something put it there. What did ?
It would be nice to know, if there is a proper way to do such a thing.
The first info you would need to provide, is the authentication method used by Apache in
your case. There are many.
