|
|
Posted by Michele on 12/20/06 14:58
I'm using apache 2.0.59 and php 5.2.
I've a problem authenticating a user.
When a user is not authenticated he's being redirected to
http://...../index/index.php
index php will then send the following header
I'm sending the user this header to authenticate a user:
header('WWW-Authenticate: Digest '.
'realm="'.$this->realm.'", '.
// 'domain="'.$this->baseURL.'", '.
'qop=auth, '.
'algorithm=MD5, '.
'nonce="'.$this->getNonce().'", '.
'opaque="'.$this->getOpaque().'"'
);
where $this->baseURL ="/";
The user is then authenticated on my server and can see the page
/index/index.php.
if I send requestes for /index/index.php I see that the client
correctly sends Authorization headers in the response so there is no
problem.
Then If the user go to /query/indexquery.php or somewhere else, his
browser (which is IE6) doesn't send Authorization headers so I can't
check whether he is authenticated or not.
I've tried to change baseURL to be "\" or "//". I just can't figure it
out why I get this problem, when by setting the domain to "/" I
expected to be authenticated on the whole site and not just in some
directories.
Anyone has a clue of what's happening?
thank you
Michele
Navigation:
[Reply to this message]
|