I have a site hosted on Apache which contains some protected content. I want to provide access to this protected content to users that are authenticated in another application. The content is protected using htaccess and htpasswd.
I would like to use curl to set the username and password, then redirect the user to the protected folder. I can do this easily if the protected content is a single file, but my solution seems to only work for the one page. As soon as the user clicks a link and trie开发者_StackOverflow中文版s to access another page, the session is lost. There are hundreds of pages in the directory.
Here is the code I am using:
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL,'http://domain.com/protected_folder/');
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "username:password");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
curl_exec($ch);
curl_close($ch);
I have two problems with the results:
- A full redirect is not done, so any links that are clicked are referencing back to the folder where the php file resides, not the protected folder. The address bar still shows the path to the php script.
- It appears the session is lost immediately. Any attempt to access resources in the protected folder is prompted with a login box.
Any ideas on how to resolve either of these two issues would be greatly appreciated.
Are you married to using htaccess authentication? You'll have greater flexibility if you use authentication through PHP instead.
http://php.net/manual/en/features.http-auth.php
精彩评论