|
|
Posted by Gordon Burditt on 05/12/05 14:17
>Without going into the details of my code: is it possible to have two
>different users logged in at the same time?
It depends on what kind of login you are talking about.
>I had one page where I found the username correctly set, and another
>where it wasn't. (Just by checking <?= $_SERVER['PHP_AUTH_USER'] >? at
>the top of each page.)
>Wondering why it would be set for one page and not another (and as a
>sanity check) I wrote another page which sends the basic auth headers
>and so logged in again.
If you are dealing with a .htaccess basic login, and the authentication
realm (AuthName) is different, a browser can have lots of different
logins active (or not) on the same server. The browser uses the
authentication realm to determine which one to send.
>Now the first page shows my original username. All the other pages
>(which used to show username at all) now show the second username. I can
>freely switch between them too: it's very consistent. One page, user1.
>All the rest: user2.
Are the pages in different directories? While .htaccess can apply
different authentication to different pages, it's harder to do that
by accident in the same directory.
>I'm really confused. I didn't think it was possible to be logged in as
>two different users in the same browser against the same host at the
>same time.
It's easy to have lots of different applications, each with their
own directory and different AuthName, and potentially different
password files, on the same server.
Gordon L. Burditt
Navigation:
[Reply to this message]
|