I'm using php to redirect users to a directory protected with apache basic authentication. I'm using the following url format to automatically log users into this directory:
http://username:[email protected]/protected.
This works fine in all browsers except IE, which no longer supports passing the username/password in the url.
Is there another way for a web application to automatically log a user into a directory protected with apache basic auth?
Update: If possible, please disregard the inherent downsides of using apache basic auth and http unless you are able to provide a viable alternative that addresses this question...namely how I can automatically log a user into a protected directory. This is for a client that is already using apache basic auth. Thanks :)
Microsoft has an detailed explanation of this issue including different workarounds in their knowledge base. This should get you on to a good start.
Please do also take a look at my comment about mixing HTTP with Basic Auth. You usually don't want to do this if security is an issue. Always use HTTPS because Basic Auth is not encrypted.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With