check mod_auth module.
阿帕奇有这个功能,你找找。 在 2011-5-16 下午1:41,"孙俊" <wienne...@gmail.com>写道: > I think this situation is common > > After logging in to the application, access a file link. > php comparing the relevant permissions correctly, the file is loaded into > memory, then sent to the client. > If this file is how to do when there is 1G? This will be a lot of server > resources, and the performance is very poor. > > I think if the certification of the work handled by apache, not the > kind of user > name and password input boxes of the kind. > > For example, php session passed to apache, so apache to use the session to > save the UID and password to access the database for authentication. > Or, use the HTTP head parameters, send the UID and password to authenticate > apache > > When verified by the apache to send the file to the client, did not return > to the state by 302 when > > Apache does not know such a feature? > > (google translate) > > 我想这种情形很普遍 > > 在登录到应用系统后,访问某个文件链接。 > php将相关权限对比正确后,将文件加载到内存,再发送给客户端。 > 如果这个文件有1G时怎么办?这将会大量的服务器资源,而且性能非常差。 > > 我想到如果将认证的工作交由apache处理,不是那种用户名和密码输入框的那种. > > 例如,php的会话传递给apache,让apache使用会话保存的UID和密码去访问数据库进行验证。 > 或者,使用HTTP head 参数,发送UID和密码传递给apache进行认证 > > 当验证通过时由apache将文件发送给客户端,未通过时返回状态302 > > 不知道apache有这样的功能吗?